|
CLAM DOWN posted:https://autodiscover.deloitte.com/owa/auth/logon.aspx?replaceCurrent=1&url=https%3a%2f%2fautodiscover.deloitte.com%2fecp Actual administrative functionality may still be disabled.
|
#
?
Sep 26, 2017 19:14
|
|
|
|
| # ? May 22, 2024 18:26 |
|
|
Diva Cupcake posted:I'm not 100% positive as my Exchange architecture is rusty but I'm fairly certain that the ECP virtual directory is necessary for users to set their OOO messages via OWA in Exchange 2013+. That's fair, I never admin Exchange and haven't touched it since 2007 so wasn't sure. I just figured any admin panel accessible from the internet was a bad idea.
|
|
#
?
Sep 26, 2017 19:15
|
|
|
Diva Cupcake posted:I'm not 100% positive as my Exchange architecture is rusty but I'm fairly certain that the ECP virtual directory is necessary for users to set their OOO messages via OWA in Exchange 2013+. End users need ECP for a bunch of things like ooo, inbox rules, retention policy settings, distro group management, signature setting, whitelist/blacklist, manage addins etc etc.
|
|
#
?
Sep 26, 2017 21:25
|
|
|
If Deloitte isn't penny-stock by next week, I'm going to be very disappointed in the Invisible Hand of the Market. Also: Subjunctive posted:2 Fuckup Authentication
|
|
#
?
Sep 27, 2017 01:55
|
|
|
https://www.reddit.com/r/privacy/comments/3frjqw/psa_kaspersky_injects_remote_javascript_into_all/quote:its not remote its local to your machine quote:The problem is that this could change without notice at any moment. The domain is resolved through their DNS, not locally, so the fact that it "currently" resolves to a loopback address is moot. Is this bad
|
|
#
?
Sep 27, 2017 06:27
|
|
|
Boris Galerkin posted:https://www.reddit.com/r/privacy/comments/3frjqw/psa_kaspersky_injects_remote_javascript_into_all/ Unless you meant reddit, in which case, yes, reddit is very bad.
|
|
#
?
Sep 27, 2017 06:32
|
|
|
Absurd Alhazred posted:If Deloitte isn't penny-stock by next week, I'm going to be very disappointed in the Invisible Hand of the Market. Better prepare your pity party, the market has shown that it doesn't care about massive security breaches.
|
|
#
?
Sep 27, 2017 14:36
|
|
|
Security hurts our bottom line. Security breaches, on the other hand, only hurt the poors.
|
|
#
?
Sep 27, 2017 14:42
|
|
|
Cup Runneth Over posted:Security hurts our bottom line. Security breaches, on the other hand, only hurt the poors. Man you nailed it. I'm depressed now 
|
|
#
?
Sep 27, 2017 15:49
|
|
|
Cup Runneth Over posted:Security hurts our bottom line. Security breaches, on the other hand, only hurt the poors. Yup. Nothing will ever change, our entire industry is pointless.
|
|
#
?
Sep 27, 2017 16:17
|
|
|
Boris Galerkin posted:https://www.reddit.com/r/privacy/comments/3frjqw/psa_kaspersky_injects_remote_javascript_into_all/ quote:submitted 2 years ago
|
|
#
?
Sep 27, 2017 16:20
|
|
|
Well, class actions can still gently caress the company's bottom line (and result in downsizing on the lower positions, loving the poors again)
|
|
#
?
Sep 27, 2017 16:22
|
|
|
orange sky posted:Well, class actions can still gently caress the company's bottom line Of course now lobbyists will make sure class actions can never amount to anything.
|
|
#
?
Sep 27, 2017 16:25
|
|
|
evil_bunnY posted:
Will? Isn't there literally a bill in the House that says "Class action can't do poo poo all" right now?
|
|
#
?
Sep 27, 2017 16:29
|
|
|
Avenging_Mikon posted:Will? Isn't there literally a bill in the House that says "Class action can't do poo poo all" right now?
|
|
#
?
Sep 27, 2017 16:47
|
|
|
What's stopping Equifax from starting a spinoff with nothing related to their brand, transfer their managers and sell all their data to the spinoff, effectively cleaning their image?
|
|
#
?
Sep 27, 2017 17:04
|
|
|
orange sky posted:What's stopping Equifax from starting a spinoff with nothing related to their brand, transfer their managers and sell all their data to the spinoff, effectively cleaning their image? Nothing. Blackwater-playbook.txt
|
|
#
?
Sep 27, 2017 17:37
|
|
|
I'd say that's gonna happen a lot in the future, when companies find out they've been hacked for the last 5 years without noticing
|
|
#
?
Sep 27, 2017 17:39
|
|
|
CLAM DOWN posted:Yup. Nothing will ever change, our entire industry is pointless. Hey as long as the industry is redirecting money into my pocket that's okay.
|
|
#
?
Sep 27, 2017 17:39
|
|
|
orange sky posted:I'd say that's gonna happen a lot in the future, when companies find out they've been hacked for the last 5 years without noticing That plus.every state entity. Evis posted:Hey as long as the industry is attributing validity and value to my empty, overworked soul that's okay.
|
|
#
?
Sep 27, 2017 17:42
|
|
|
Evis posted:Hey as long as the industry is redirecting money into my pocket that's okay. The worst part is, I really enjoy infosec. I find it fascinating and challenging, my personal interest/passion in this field lies in cipher technologies, encryption, algorithms, the math and tech behind them. But holy hell are we ever hosed and this is a totally pointless endeavour overall tbh.
|
|
#
?
Sep 27, 2017 17:49
|
|
|
Potato Salad posted:Nothing. Accenture.txt
|
|
#
?
Sep 27, 2017 18:09
|
|
|
I feel the same way, but I don't really let it get me down. I provide a service my employers are happy with. The overall direction of industries that I think would benefit from better security is way above my pay grade.
|
|
#
?
Sep 27, 2017 18:21
|
|
|
Good news, you guys will have work forever until all of us software engineers switch over to TLA+ or other provable software dev techniques. Sucks that that means everyone else gets hosed. Well I guess infosec guys are people as well so you get hosed but compensated somewhat by having more work.
|
|
#
?
Sep 27, 2017 18:22
|
|
|
Avenging_Mikon posted:Will? Isn't there literally a bill in the House that says "Class action can't do poo poo all" right now? I understand that the USA are really full throttle in favor of free-market, weak state, strong companies, etc.. How does one keep thinking like this when they see what you quoted? Is anybody, anybody who doesn't have a direct stake that is, in agreement that class actions are bad, etc. ? This is a genuine question from a dirty left-wing European who cannot wrap his head around this. Send me my PM if you prefer (this not being D&D).
|
|
#
?
Sep 27, 2017 19:55
|
|
|
Furism posted:I understand that the USA are really full throttle in favor of free-market, weak state, strong companies, etc.. How does one keep thinking like this when they see what you quoted? Is anybody, anybody who doesn't have a direct stake that is, in agreement that class actions are bad, etc. ? This is a genuine question from a dirty left-wing European who cannot wrap his head around this. Send me my PM if you prefer (this not being D&D). I think at least some small part of it is how short our memories are, and how powerfully conditioned we seem to be to give every possible benefit of the doubt to the invisible hand of money -- capitalism as something that cultivates self-policing, ethical behavior. My much more personal opinion is that we frequently conflate capitalism, patriotism, and Christianity -- so many Americans fuse those three separate things into a single lens through which they interpret the world. I'm only really comfortable living where I do because my husband is a canadian citizen with a current passport with our marriage certificate stapled inside
|
|
#
?
Sep 27, 2017 20:04
|
|
|
Potato Salad posted:I think at least some small part of it is how short our memories are, and how powerfully conditioned we seem to be to give every possible benefit of the doubt to the invisible hand of money -- capitalism as something that cultivates self-policing, ethical behavior. My much more personal opinion is that we frequently conflate capitalism, patriotism, and Christianity -- so many Americans fuse those three separate things into a single lens through which they interpret the world. I'm only really comfortable living where I do because my husband is a canadian citizen with a current passport with our marriage certificate stapled inside 
|
|
#
?
Sep 27, 2017 20:22
|
|
|
Where's the dating site for me to seduce American chicks with my Canadian passport Obama????????????
|
|
#
?
Sep 27, 2017 20:31
|
|
|
mewse posted:Where's the dating site for me to seduce American chicks with my Canadian passport Obama???????????? Hell, same
|
|
#
?
Sep 27, 2017 20:32
|
|
|
mewse posted:Where's the dating site for me to seduce American chicks with my Canadian passport Obama???????????? https://www.ofa.us http://www.dsausa.org
|
|
#
?
Sep 27, 2017 20:33
|
|
|
 Actual content: There's a TOR tunnel to Ireland going through a firewall at one of my clients. Happy Wednesday.
|
|
#
?
Sep 27, 2017 20:44
|
|
|
Furism posted:I understand that the USA are really full throttle in favor of free-market, weak state, strong companies, etc.. How does one keep thinking like this when they see what you quoted? Is anybody, anybody who doesn't have a direct stake that is, in agreement that class actions are bad, etc. ? This is a genuine question from a dirty left-wing European who cannot wrap his head around this. Send me my PM if you prefer (this not being D&D).  (pretend I edited the tv to show the Fox logo)
|
|
#
?
Sep 27, 2017 22:31
|
|
|
mewse posted:Where's the dating site for me to seduce American chicks with my Canadian passport Obama???????????? I believe we call it "the entire state of Minnesota"
|
|
#
?
Sep 28, 2017 00:43
|
|
|
https://signal.org/blog/private-contact-discovery/ tl;dr summary: use the new intel 6xxx and 7xxx secure enclave to run the contact matching code on signal's servers to prevent them from learning your contact list. Then use remote attestation of deterministically compiled open source code to prove to the client that their query was conducted inside the secure enclave. If I'm following right, they're using EPID to be able to anonymously sign code using the intel trusted group. You can't tell which processor did the signature, just that they're a member of the group. Ok. Group keys are cool poo poo. From there, the chain of trust is pretty trivial - you sign the enclave package with an ephemeral key signed by the anonymous group key. That gives you a chain of trust back to intel's foundries. Here's the rub: Signal's threat model is nation states, including 5-eyes and China. There's zero chance that they're ignoring this, and they absolutely have the group keys they need to sign an enclave but run the query outside it. It's still a cool idea though, and it'd be useful for anything where the threat model isn't the NSA.
|
|
#
?
Sep 28, 2017 07:53
|
|
|
Furism posted:I understand that the USA are really full throttle in favor of free-market, weak state, strong companies, etc.. How does one keep thinking like this when they see what you quoted? Is anybody, anybody who doesn't have a direct stake that is, in agreement that class actions are bad, etc. ? This is a genuine question from a dirty left-wing European who cannot wrap his head around this. Send me my PM if you prefer (this not being D&D). Most people in America's experience with class action suits is that they receive a letter saying they are entitled to a small part of the damages in a suit they weren't aware of previously. The damages they are entitled to usually amount to a few bucks or a coupon, so lots of people think of class action suits as "something to make lawyers money" rather than something that punishes a company for a small(or large) harm against many individuals.
|
|
#
?
Sep 28, 2017 15:08
|
|
|
https://twitter.com/s7ephen/status/701488719795060736
|
|
#
?
Sep 28, 2017 20:20
|
|
|
|
|
#
?
Sep 28, 2017 23:58
|
|
|
https://twitter.com/ClickHole/status/913546418513747969
|
|
#
?
Sep 29, 2017 01:04
|
|
|
Siri, remember my bank account password and social security number What the gently caress happened to post-its for that stuff?
|
|
#
?
Sep 29, 2017 01:10
|
|
|
|
| # ? May 22, 2024 18:26 |
|
|
Anyone else going to BSides DC next weekend? It'll be my first time at any kind of tech conference, and I'm not sure what to expect.
camoseven fucked around with this message at 02:51 on Sep 29, 2017 |
|
#
?
Sep 29, 2017 02:48
|
|
