|
JewKiller 3000 posted:i leave my desktop unlocked sometimes. nobody has ever touched it, because they're all deathly afraid of pissing me off. this is the way things should be so you work with jews
|
#
?
Jul 20, 2017 03:39
|
|
|
|
| # ? May 14, 2024 08:28 |
|
|
mrmcd posted:Stolen from the bitcoin thread: https://news.ycombinator.com/item?id=14691212 lmao at all the idiots rushing to discredit op because WELL YOU SHOULD NEVER USE FLOATING POINT FOR MONEY SO
|
|
#
?
Jul 20, 2017 03:45
|
|
|
A Pinball Wizard posted:https://news.ycombinator.com/item?id=14691212 I mean you shouldn't but that's like yelling "hahaha loser we sanitized our water! The sewer never goes into the tap because we have no sewer!" while the whole world burns down with fireborne aids virus and you're hording needle chairs.
|
|
#
?
Jul 20, 2017 04:54
|
|
|
Diva Cupcake posted:At least he's getting a BH talk on it. There were a few chaos computing club videos were they talked about the risks of things like network and intel ME chips executing arbitrary code internally and being forever in a compromised state because there is no reliable way to guarantee its been reverted/restored to a known good state. It's lovely stuff.
|
|
#
?
Jul 20, 2017 05:01
|
|
|
mrmcd posted:I mean you shouldn't but that's like yelling "hahaha loser we sanitized our water! The sewer never goes into the tap because we have no sewer!" while the whole world burns down with fireborne aids virus and you're hording needle chairs. if there's one thing bitcoiners definitely never ever do and definitely don't have a long and hilarious history loving up it's floating point numbers representing currency
|
|
#
?
Jul 20, 2017 05:16
|
|
|
mrmcd posted:Stolen from the bitcoin thread: don't use floating points for money. rest is  thoe lol
|
|
#
?
Jul 20, 2017 09:33
|
|
|
Powaqoatse posted:don't use floating points for money. pretty much my reaction as well. completely omitting the ability to use floats means someone had a moment of insight into the inevitability of some *coiner using them in a dumb way if they were present. it's like realizing that kids will be in the kitchen and taking away everything sharper than a silicone spatula. or, given the shitshow of the rest of the language... someone hosed up in a way that for once turned out to be good.
|
|
#
?
Jul 20, 2017 11:56
|
|
|
Shifty Pony posted:it's like realizing that kids will be in the kitchen and taking away everything sharper than a silicone spatula. then telling them to peel a 10lb bag of potatoes also the spatula is made of silly putty instead of silicone
|
|
#
?
Jul 20, 2017 12:23
|
|
|
any defcon streams expected this year? i'd love to watch a few talks, i hope i don't have to wait months for them to show up on youtube
|
|
#
?
Jul 20, 2017 12:35
|
|
|
https://twitter.com/EmiratesNBD/status/886863729547149312
|
|
#
?
Jul 20, 2017 14:01
|
|
|
I smell lanmanager hashes
|
|
#
?
Jul 20, 2017 14:09
|
|
|
It's a huge red flag to me when a website has a limit on maximum password length. They should be hashed and salted correct? Then all of the entered passwords should be the same god drat length in your database.
|
|
#
?
Jul 20, 2017 14:12
|
|
|
otoh something like a 1KB or 4KB password limit seems reasonable to keep people from posting 10GB data as their password and DoSing your systems with huge amounts of data to hash
|
|
#
?
Jul 20, 2017 14:18
|
|
|
ratbert90 posted:It's a huge red flag to me when a website has a limit on maximum password length. Yes. There's basically no reason for it (aside from sanity checks like not accepting 25gb of data as a password) unless you hosed up real bad. I mean you could still be hashing and salting correctly and also limit length, but that 'best case scenario' just shows you have no idea what you're doing.
|
|
#
?
Jul 20, 2017 14:18
|
|
|
My last job, when I got there, stored passwords for a trading system, where people would login over the internet and do millions of dollars in transactions, as cleartext in a sql database. After I yelled at them for a year about how dumb and bad this was, they finally relented and changed it to... unsalted md5.
|
|
#
?
Jul 20, 2017 14:29
|
|
|
i set a 20 character complex password for online banking and when i logged in it said "please enter characters 4, 10, 17" 
|
|
#
?
Jul 20, 2017 14:38
|
|
|
hackers can turn your segway into a bomb
|
|
#
?
Jul 20, 2017 14:50
|
|
|
So after some speculation it turns out Alphabay was indeed taken down by the feds. A lot of users fled to Hansa market. Which was under control of Dutch police during that time. And they disabled all encryption so they could read all messages and have a full dump of user data. Very slick operation imo.
|
|
#
?
Jul 20, 2017 15:29
|
|
|
https://www.politie.nl/en/news/2017/july/20/underground-hansa-market-taken-over-and-shut-down.htmlquote:Nederland - As part of an extensive international investigation, the Netherlands Police and the Public Prosecution Service have dismantled, seized control of, and shut down one of the biggest illegal market places on the internet today. It is Hansa Market, currently the most popular dark market in the ‘anonymous’ part of the internet, the so-called darknet.
|
|
#
?
Jul 20, 2017 15:31
|
|
|
spankmeister posted:So after some speculation it turns out Alphabay was indeed taken down by the feds. 
|
|
#
?
Jul 20, 2017 15:52
|
|
|
spankmeister posted:So after some speculation it turns out Alphabay was indeed taken down by the feds. nice!
|
|
#
?
Jul 20, 2017 15:54
|
|
|
Powerful Two-Hander posted:i set a 20 character complex password for online banking and when i logged in it said "please enter characters 4, 10, 17" what's wrong with this? it stops you getting owned by keyloggers which is a legit threat (esp for your average joe)
|
|
#
?
Jul 20, 2017 16:04
|
|
|
https://twitter.com/zackwhittaker/status/888041129526079488 Pimp_Alex_91
|
|
#
?
Jul 20, 2017 16:05
|
|
|
Mr SuperAwesome posted:what's wrong with this? it stops you getting owned by keyloggers which is a legit threat (esp for your average joe) the fact that they can check individual characters in your password means that they've stored the plaintext password
|
|
#
?
Jul 20, 2017 16:07
|
|
|
oh yeah welp (well unless they precompute each possible 3-character combination of your password and hash + salt that individually but lol thats not likely at all)
|
|
#
?
Jul 20, 2017 16:11
|
|
|
Wiggly Wayne DDS posted:
|
|
#
?
Jul 20, 2017 16:28
|
|
|
https://twitter.com/abdilo__/status/888054760166703104
|
|
#
?
Jul 20, 2017 16:38
|
|
|
Rooney McNibnug posted:Pimp_Alex_91  until you get caught and kill yourself.
|
|
#
?
Jul 20, 2017 16:42
|
|
|
the gently caress is alphabay?
|
|
#
?
Jul 20, 2017 16:58
|
|
|
Migishu posted:the gently caress is alphabay?
|
|
#
?
Jul 20, 2017 17:02
|
|
|
|
|
#
?
Jul 20, 2017 17:10
|
|
|
https://twitter.com/pwnallthethings/status/888060321365209088
|
|
#
?
Jul 20, 2017 17:11
|
|
|
edit: dammit slickest part imo: https://twitter.com/pwnallthethings/status/888060321365209088 crash the server with the arresting swat team ready to go and then send them in when you see him log in to reboot it so you know his personal system isn't powered down and encrypted.
|
|
#
?
Jul 20, 2017 17:14
|
|
|
lmbo
|
|
#
?
Jul 20, 2017 17:28
|
|
|
cinci zoo sniper posted:hackers can turn your segway into a bomb
|
|
#
?
Jul 20, 2017 17:29
|
|
|
passwordsformyillegaldrugmarket.txt
|
|
#
?
Jul 20, 2017 17:55
|
|
|
https://www.ioactive.com/pdfs/IOActive-Security-Advisory-Ninebot-Segway-miniPRO_Final.pdf
|
|
#
?
Jul 20, 2017 18:22
|
|
|
lol http://money.cnn.com/2017/07/19/technology/fish-tank-hack-darktrace/index.html
|
|
#
?
Jul 20, 2017 18:41
|
|
|
Here's the Krebs article on the whole Alphabay/ Hansa thing https://krebsonsecurity.com/2017/07/after-alphabays-demise-customers-flocked-to-dark-market-run-by-dutch-police/
|
|
#
?
Jul 20, 2017 18:52
|
|
|
|
| # ? May 14, 2024 08:28 |
|
|
https://twitter.com/dyn___/status/888057949821784064
|
|
#
?
Jul 20, 2017 18:55
|
|
