|
lol that owns
|
# ? Aug 11, 2017 17:16 |
|
|
# ? May 15, 2024 04:17 |
|
is there any VPN provider that's not secretly horrible like I don't mean "suggest me which vpn provider you like!!!" I mean are any of them capable of actually proving they're not horrible in some meaningful way
|
# ? Aug 11, 2017 17:25 |
|
ate all the Oreos posted:is there any VPN provider that's not secretly horrible they're all differently horrible and personal VPNs are just a race to the bottom when they're not self hosted nerd poo poo
|
# ? Aug 11, 2017 17:35 |
|
ate all the Oreos posted:is there any VPN provider that's not secretly horrible
|
# ? Aug 11, 2017 17:49 |
|
anthonypants posted:algo, which you set up yourself, on a vps you trust
|
# ? Aug 11, 2017 17:59 |
|
anthonypants posted:algo, which you set up yourself, on a vps you trust ok sure, but that just kicks the can down the road to "which VPS do I trust"
|
# ? Aug 11, 2017 18:01 |
|
ate all the Oreos posted:ok sure, but that just kicks the can down the road to "which VPS do I trust" id say standard vps options most people would be considering (aws, digitalocean, etc) are more reputable than any vpn option.
|
# ? Aug 11, 2017 18:03 |
|
ate all the Oreos posted:ok sure, but that just kicks the can down the road to "which VPS do I trust" yeah and you have to either do some threat modeling or just be a small mostly un-sketchy fish on AWS light sail or digital ocean or something
|
# ? Aug 11, 2017 18:03 |
|
Cocoa Crispies posted:yeah and you have to either do some threat modeling or just be a small mostly un-sketchy fish on AWS light sail or digital ocean or something
|
# ? Aug 11, 2017 18:04 |
|
According to the logs at work someone tried to "hack" the company website by setting a randomly generated id stored in a cookie to "file///etc/passwd". I can't even think of any setup in which that would actually do anything. What the hell.
|
# ? Aug 11, 2017 18:19 |
|
Carbon dioxide posted:According to the logs at work someone tried to "hack" the company website by setting a randomly generated id stored in a cookie to "file///etc/passwd". i love looking at the things bots try, it's always some bizarre poo poo like that that makes me think "wait did that actually work on some server at some point what the gently caress" e: well not always, most of the time it's boring poo poo, but whatever i don't remember those so it's always to me dammit Shame Boy fucked around with this message at 18:23 on Aug 11, 2017 |
# ? Aug 11, 2017 18:21 |
|
probably just someone loving around manually with BurpSuite?
|
# ? Aug 11, 2017 19:16 |
|
ate all the Oreos posted:is there any VPN provider that's not secretly horrible i rolled my own algo server and host it on digital ocean... i'm guessing that's reasonably private? edit: or you can go full wikileaks and just do everything on tor
|
# ? Aug 11, 2017 19:22 |
|
the Onavo stuff was always bullshit. didn't even proxy correctly, so they kept breaking on the actual FB apps
|
# ? Aug 11, 2017 19:22 |
|
the transcript for malwaretech's august 4th proceeding is up: https://www.documentcloud.org/documents/3923335-USA-v-Marcus-Hutchins-August-4-2017-Hearing.html there's a bunch of absurd parts in there, but crucially the prosecution's claiming there's another co-defendant at large conveniently excusing why kronos is still getting updates also the tale has now evolved to sold software that later became the malware
|
# ? Aug 11, 2017 19:41 |
|
Wiggly Wayne DDS posted:also the tale has now evolved to sold software that later became the malware imagine the manufacturer of a physical weapon being punished for the same...
|
# ? Aug 11, 2017 20:48 |
|
Wiggly Wayne DDS posted:the transcript for malwaretech's august 4th proceeding is up: https://www.documentcloud.org/documents/3923335-USA-v-Marcus-Hutchins-August-4-2017-Hearing.html I could've walked to the courthouse he had an appearance in on Tuesday morning. If he's got any more dates coming up I might try to go and see it.
|
# ? Aug 11, 2017 20:50 |
|
ThePeavstenator posted:I could've walked to the courthouse he had an appearance in on Tuesday morning. If he's got any more dates coming up I might try to go and see it. http://www.wied.uscourts.gov/court-hearings-calendar posted:08/14/2017
|
# ? Aug 11, 2017 21:05 |
|
Wiggly Wayne DDS posted:if you're free monday and there's room: Nah I'm not gonna take off work for it until the more juicy parts happen if they even happen.
|
# ? Aug 11, 2017 21:21 |
|
is it gonna go full Aaron whats his gently caress and kill heself or will he rise like a 700 pound phoenix Kim Dotcom style
|
# ? Aug 11, 2017 21:22 |
|
my bitter bi rival posted:imagine the manufacturer of a physical weapon being punished for the same... Sounds like they're loving with him and want something.
|
# ? Aug 11, 2017 21:29 |
|
Wiggly Wayne DDS posted:the transcript for malwaretech's august 4th proceeding is up: https://www.documentcloud.org/documents/3923335-USA-v-Marcus-Hutchins-August-4-2017-Hearing.html it's apparently illegal for an alien on a non immigrant visa to take possession of a firearm? that explains the prosecutions strange obsession with pointing out he fired a gun but
|
# ? Aug 11, 2017 21:32 |
|
hobbesmaster posted:it's apparently illegal for an alien on a non immigrant visa to take possession of a firearm? this is probably one of the first times in history that has been applied against a white man lmao
|
# ? Aug 11, 2017 21:35 |
|
hobbesmaster posted:it's apparently illegal for an alien on a non immigrant visa to take possession of a firearm? bet those rental ranges in vegas are worried
|
# ? Aug 11, 2017 21:39 |
|
FAT32 SHAMER posted:this is probably one of the first times in history that has been applied against a white man lmao well at least the judge agreed with the defense that it doesn't matter since there were ads in the airport for it and he showed his real passport
|
# ? Aug 11, 2017 21:42 |
|
|
# ? Aug 11, 2017 22:42 |
|
hes no feynman
|
# ? Aug 11, 2017 23:04 |
|
FAT32 SHAMER posted:this is probably one of the first times in history that has been applied against a white man lmao Nah, before the 1960's firearms law applied to all political dissidents, not just white dudes. It wasn't until the Dems got scared of black people with guns that gun-control got racist.
|
# ? Aug 12, 2017 02:37 |
|
ate poo poo on live tv posted:Nah, before the 1960's firearms law applied to all political dissidents, not just white dudes. It wasn't until the Dems got scared of black people with guns that gun-control got racist. noted democrat ronald reagan
|
# ? Aug 12, 2017 03:21 |
|
stoopidmunkey posted:Sec fuckup I just became privy to: Our ticket tracking software has an asset management component. The vendor requires a service account that can ssh into a server and needs sudo access. All their tools it runs can get the same data over snmp, but they want ssh access (hard-coded password) and sudo. They say it's safe if you restrict the account in /etc/sudoers is that a requirement from the vendor or from servicenow? we use servicenow and it seems p good compared to other ticketing software on the front-end at least. however now that i think on it there are some extremely janky bits on the back-end. we need to pull user satisfaction survey results in bulk for monthly reporting and the only way they could do that is with the special snow ODBC driver which is so garbage that the server it is installed on has to be rebooted daily because it just completely dies in the rear end after X number of hours.
|
# ? Aug 12, 2017 03:48 |
|
stoopidmunkey posted:Sec fuckup I just became privy to: Our ticket tracking software has an asset management component. The vendor requires a service account that can ssh into a server and needs sudo access. All their tools it runs can get the same data over snmp, but they want ssh access (hard-coded password) and sudo. They say it's safe if you restrict the account in /etc/sudoers this might explain why our enormous service now instance doesn't do asset management despite it being sold as a service catalog management platform! i proudly never close or update any ticket assigned to me because it's a waste of time and does nothing but produce meaningless metrics.
|
# ? Aug 12, 2017 09:43 |
|
https://www.bleepingcomputer.com/news/hardware/botched-firmware-update-bricks-hundreds-of-smart-door-locks/quote:On Tuesday, August 8, smart locks manufacturer LockState botched an over-the-air firmware update for its WiFi enabled smart locks, causing the devices to lose connectivity to the vendor's servers and the ability to open doors for its users.
|
# ? Aug 12, 2017 14:11 |
|
Rooney McNibnug posted:https://www.bleepingcomputer.com/news/hardware/botched-firmware-update-bricks-hundreds-of-smart-door-locks/ Don't stop I'm so close
|
# ? Aug 12, 2017 14:17 |
|
Rooney McNibnug posted:https://www.bleepingcomputer.com/news/hardware/botched-firmware-update-bricks-hundreds-of-smart-door-locks/ loving vendor lock in stallman was right
|
# ? Aug 12, 2017 14:37 |
|
Powerful Two-Hander posted:Security Fuckup Megathread - v14.0 - vendor lock in
|
# ? Aug 12, 2017 14:58 |
|
coffeetable posted:Security Fuckup Megathread - v14.0 - vendor lock out
|
# ? Aug 12, 2017 15:09 |
|
Powerful Two-Hander posted:loving vendor lock in 1987: what is that stallman guy going on about, it's not like a computer company is going to ever control some actual important part of my life 2017: *family burns to death inside of their malfunctioning smart house*
|
# ? Aug 12, 2017 15:41 |
|
yep
|
# ? Aug 12, 2017 16:57 |
|
So it turns out that Firefox has decided that they want to do "staged rollouts" of their updates, slowly letting more and more people access them over several weeks. Problem: this includes security updates. Firefox won't let me install Firefox 55 despite the fact that it fixes 5 critical security flaws. You can't force the update. You can't just install the latest version since it's already installed and they use a "stub installer" that downloads the rest. Your only option is to uninstall the entire thing and install from scratch, just to get security updates.
|
# ? Aug 12, 2017 18:13 |
|
|
# ? May 15, 2024 04:17 |
|
what
|
# ? Aug 12, 2017 18:25 |