|
yeah let's use the premise from a fictional movie as a loose analogy for insider trading instead of the countless irl examples. pop culture plays better with the proles
|
# ? Sep 21, 2017 15:00 |
|
|
# ? May 15, 2024 03:23 |
|
wow gently caress that's a bad snipe
|
# ? Sep 21, 2017 15:01 |
|
Optimus_Rhyme posted:Are those internal domains? .root seems especially suspect maybe it was an ~advanced persistent threat~
|
# ? Sep 21, 2017 15:26 |
|
Optimus_Rhyme posted:Are those internal domains? Yes.
|
# ? Sep 21, 2017 16:23 |
|
Optimus_Rhyme posted:Are those internal domains? https://twitter.com/GossiTheDog/status/910870859245596673 bitdefender's latest security blog post is more concerned over How a data breach left two Equifax executives jobless and eroded public trust overnight e: turns out these were just api keys that companies had exposed and were brought up during an internal audit Wiggly Wayne DDS fucked around with this message at 18:22 on Sep 21, 2017 |
# ? Sep 21, 2017 16:59 |
|
hey thread: how does one get in contact with krebs? e: in a non-invasive manner obviously. dont want his home number thx
|
# ? Sep 21, 2017 17:01 |
|
Wiggly Wayne DDS posted:bitdefender's latest security blog post is more concerned over How a data breach left two Equifax executives jobless and eroded public trust overnight I guess they know who to address to get funding for security fixed..... ...ahhh, who am I kidding, CIOs are a FYGM of IT decisions.
|
# ? Sep 21, 2017 17:04 |
|
Shinku ABOOKEN posted:hey thread: how does one get in contact with krebs? krebsonsecurity@gmail.com
|
# ? Sep 21, 2017 17:05 |
|
Shinku ABOOKEN posted:hey thread: how does one get in contact with krebs? oxaloacetate and acetyl coa
|
# ? Sep 21, 2017 17:18 |
|
thx
|
# ? Sep 21, 2017 17:22 |
|
anyone want a new dom fuzzer? https://github.com/google/domato https://googleprojectzero.blogspot.co.uk/2017/09/the-great-dom-fuzz-off-of-2017.html
|
# ? Sep 21, 2017 17:37 |
|
CommieGIR posted:CIOs are a FYGM of IT decisions.
|
# ? Sep 21, 2017 17:42 |
|
CommieGIR posted:I guess they know who to address to get funding for security fixed..... CTOs are the FCKGW
|
# ? Sep 21, 2017 17:51 |
|
flakeloaf posted:CTOs are the FCKGW "Hey guys, we got hacked, let's sell our stock before making the announcement!" I worked with a CTO for a Fortune 500 in Georgia, and the guy was immensely clueless on technology other than knowing how to use his phone to check Facebook.
|
# ? Sep 21, 2017 18:03 |
|
lol nothing mattersBloomberg Law posted:Equifax Inc. could get away with paying a mere $1 per person after failing to protect almost half of America's credit data.
|
# ? Sep 21, 2017 18:17 |
|
i mean if eric holder wouldn't prosecute banks for literally laundering money for drug cartels ("it might destabilize the economy if we sent important executives to jail ") then yeah there's no fuckin' hope equifax sees any legal consequences for this poo poo
|
# ? Sep 21, 2017 18:26 |
|
w/ the cartel stuff it was cause its the CIA's money.
|
# ? Sep 21, 2017 18:37 |
|
Shaggar posted:w/ the cartel stuff it was cause its the CIA's money. Yeah, but Trump's DOJ isn't going to touch the banks, no way in hell.
|
# ? Sep 21, 2017 18:50 |
|
nobody is gonna touch their money unless they collapse and then maybe they'll consider touching it but more likely they'll just give them more.
|
# ? Sep 21, 2017 19:15 |
|
SAN FRANCISCO (Reuters) - An international group of cryptography experts has forced the U.S. National Security Agency to back down over two data encryption techniques it wanted set as global industry standards, reflecting deep mistrust among close U.S. allies. https://www.reuters.com/article/us-...t-idUSKCN1BW0GV
|
# ? Sep 21, 2017 20:13 |
|
Carbon dioxide posted:SAN FRANCISCO (Reuters) - An international group of cryptography experts has forced the U.S. National Security Agency to back down over two data encryption techniques it wanted set as global industry standards, reflecting deep mistrust among close U.S. allies.
|
# ? Sep 21, 2017 20:16 |
|
WAR DOGS OF SOCHI posted:lol nothing matters lmao how is that not a slam dunk case
|
# ? Sep 21, 2017 21:54 |
|
Just-In-Timeberlake posted:lmao how is that not a slam dunk case It is a slam dunk case, but they are actively passing measures and laws to protect Equifax.
|
# ? Sep 21, 2017 22:22 |
|
flakeloaf posted:oxaloacetate and acetyl coa booo
|
# ? Sep 21, 2017 22:24 |
|
flakeloaf posted:oxaloacetate and acetyl coa Boo this man E:f;b
|
# ? Sep 21, 2017 22:28 |
|
Carbon dioxide posted:SAN FRANCISCO (Reuters) - An international group of cryptography experts has forced the U.S. National Security Agency to back down over two data encryption techniques it wanted set as global industry standards, reflecting deep mistrust among close U.S. allies. the algorithms in question are block ciphers SIMON and SPECK. did we really need two new block ciphers, anyway?
|
# ? Sep 21, 2017 22:35 |
|
hackbunny posted:the algorithms in question are block ciphers SIMON and SPECK. did we really need two new block ciphers, anyway? Speck has been optimized for performance in software implementations, while its sister algorithm, Simon, has been optimized for hardware implementations. So... Yes?
|
# ? Sep 21, 2017 22:39 |
|
Have I got the basics of this right? We've got perfectly good encryption methods that are basically uncrackable (without the aid of quantum computing), but the encryption/decryption is too compute heavy to be used in real-time applications; therefore, we need more "light-weight" versions but this in turn makes cracking them possible with current tech. That sound about right?
|
# ? Sep 21, 2017 22:44 |
|
spankmeister posted:Speck has been optimized for performance in software implementations, while its sister algorithm, Simon, has been optimized for hardware implementations. And yet apparently the Information Assurance Directorate didn't develop those ciphers
|
# ? Sep 21, 2017 22:46 |
|
a developer wants to plug a single pgp keypair that i made last year into some global automated process instead of making keypairs for each of our clients. let's see if i can talk him out of it
|
# ? Sep 21, 2017 22:46 |
|
Trabisnikof posted:And yet apparently the Information Assurance Directorate didn't develop those ciphers Yeah I get why they don't trust the NSA.
|
# ? Sep 21, 2017 22:57 |
|
I took a cursory glance at those ciphers and it's not immediately obvious to me where that backdoor could reside. With DUAL_EC it was pretty clear where the funny business could take place and the algorithm was suspect even before the whole juniper deal.
|
# ? Sep 21, 2017 23:00 |
|
spankmeister posted:Speck has been optimized for performance in software implementations, while its sister algorithm, Simon, has been optimized for hardware implementations. and aes rounds are now cpu instructions. so?
|
# ? Sep 21, 2017 23:17 |
|
Trabisnikof posted:And yet apparently the Information Assurance Directorate didn't develop those ciphers that’s not where the crypto people sit though
|
# ? Sep 21, 2017 23:22 |
|
Hed posted:thats not where the crypto people sit though but doesn't iad run the defense side crypto or is that td? also lol at having to install new root certs to visit https://iad.gov edit: maybe i just need to enable tls 1.3 but w/e
|
# ? Sep 21, 2017 23:39 |
|
spankmeister posted:I took a cursory glance at those ciphers and it's not immediately obvious to me where that backdoor could reside. thank god you're here to glance at ciphers for 30 seconds and declare them backdoor free
|
# ? Sep 22, 2017 00:11 |
|
a few DRUNK BONERS posted:thank god you're here to glance at ciphers for 30 seconds and declare them backdoor free did you fail to decrypt his post? that's not what he said
|
# ? Sep 22, 2017 00:15 |
|
SVR Tracking leaks thousands of account credentials for vehicle tracking service, via everyone's favourite, unprotected amazon s3 bucket
|
# ? Sep 22, 2017 00:16 |
|
WAR DOGS OF SOCHI posted:Have I got the basics of this right? there's always a need for new ciphers, and in this case there's a need for new symmetric key block ciphers because AES isn't getting any younger and attacks on AES aren't getting any worse consider SHA-1: having SHA-2 out, well-reviewed, and well-established in most computing environments for like a decade gave most projects on it something to move to quickly
|
# ? Sep 22, 2017 04:42 |
|
|
# ? May 15, 2024 03:23 |
|
flakeloaf posted:oxaloacetate and acetyl coa had to look this one up, glad i did
|
# ? Sep 22, 2017 05:02 |