|
oh lordy ~*dabs sweat from brow*~
|
# ? Nov 29, 2017 07:46 |
|
|
# ? May 14, 2024 22:44 |
|
dangit qbitorrent is gonna be one isn't it if it wasn't already
|
# ? Nov 29, 2017 07:50 |
|
I have to come in here to say jfc because jfc apple how did you find this level of gently caress up
|
# ? Nov 29, 2017 08:08 |
|
I, for one, am SHOCKED the most popular methods of pirating digital content are targeted by hackers.
|
# ? Nov 29, 2017 08:20 |
YOSPOS > Security Fuckup Megathread - v14.2 - (hurray, you're the admin now)
|
|
# ? Nov 29, 2017 08:35 |
|
VikingofRock posted:YOSPOS > Security Fuckup Megathread - v14.2 - (hurray, you're the admin now)
|
# ? Nov 29, 2017 08:37 |
|
so i'm hearing it doesn't have to be blank, you can set the password to whatever you want (on initial root creation) for reasons
|
# ? Nov 29, 2017 08:42 |
|
VikingofRock posted:YOSPOS > Security Fuckup Megathread - v14.2 - (hurray, you're the admin now)
|
# ? Nov 29, 2017 09:25 |
|
https://twitter.com/Viss/status/935681868845932544 @viss touching the poop like a loving idiot
|
# ? Nov 29, 2017 10:14 |
|
bicycle posted:https://twitter.com/Viss/status/935681868845932544 mycrimes.txt
|
# ? Nov 29, 2017 10:23 |
|
I guess the nsa didn't need to compel apple to put in a backdoor after all huhVikingofRock posted:YOSPOS > Security Fuckup Megathread - v14.2 - (hurray, you're the admin now)
|
# ? Nov 29, 2017 10:41 |
|
that apple bug made me bookmark this again. don't disappoint me thread
|
# ? Nov 29, 2017 12:44 |
|
Android to add a malware persistence layer: https://source.android.com/devices/architecture/treble
|
# ? Nov 29, 2017 13:04 |
Ciaphas posted:dangit qbitorrent is gonna be one isn't it all withers under the roving eye of Tavis. we'll be lucky if he doesn't find some way to cause the protocol itself to trigger remote execution
|
|
# ? Nov 29, 2017 15:46 |
|
distributed denial of copyright attack
|
# ? Nov 29, 2017 15:49 |
|
Rahu posted:that is a funny way to spell deluge deluge as a split client / server if you enjoy janitoring your own poo poo a lot
|
# ? Nov 29, 2017 15:56 |
|
flakeloaf posted:distributed denial of copyright attack
|
# ? Nov 29, 2017 16:18 |
|
VikingofRock posted:YOSPOS > Security Fuckup Megathread - v14.2 - (hurray, you're the admin now)
|
# ? Nov 29, 2017 16:20 |
|
deeper dive into why the macOS bug works https://objective-see.com/blog/blog_0x24.html
|
# ? Nov 29, 2017 16:25 |
|
you're an admin, hurray
|
# ? Nov 29, 2017 16:31 |
|
Qwijib0 posted:deeper dive into why the macOS bug works Well, that explains why it "resets" to NULL if you disable root again.
|
# ? Nov 29, 2017 16:35 |
|
bicycle posted:https://twitter.com/Viss/status/935681868845932544 am i reading him correctly that apple remote desktop doesn't require any authentication whatsoever to tell you what the active application is and who is logged in
|
# ? Nov 29, 2017 17:25 |
|
karoshi posted:Android to add a malware persistence layer: https://source.android.com/devices/architecture/treble This is actually a cool and good abstraction layer, I'm not sure why you're down on it.
|
# ? Nov 29, 2017 17:38 |
|
go play outside Skyler posted:that apple bug made me bookmark this again. Whatever you're not even my real dad
|
# ? Nov 29, 2017 17:46 |
|
Volmarias posted:This is actually a cool and good abstraction layer, I'm not sure why you're down on it. That page contains the word (trigger warning) "vendor" 12 times. There will be multiple vendor/ODM partitions that survive a system upgrade. Those are a juicy target. "SHIP IT!" vendor implementations will make those juicy targets easy to hit.
|
# ? Nov 29, 2017 18:01 |
|
The current alternative is effectively zero upgrades, and no chance of OS level security updates, so I'm not sure what's realistically being lost here.
|
# ? Nov 29, 2017 18:16 |
|
Volmarias posted:The current alternative is effectively zero upgrades, and no chance of OS level security updates, so I'm not sure what's realistically being lost here. Sir, this is the SecLOL thread, not the sensible software architecture thread. (I agree with that POV and I think it's a great way of keeping the OS upgraded, like iOS. It also adds new and exciting malware vectors. Now your sound driver can also inject a tracking DLL into every app. It might come preinstalled by your phone manufacturer (hello lenovo) or be a 3rd-party post initial boot add-on.)
|
# ? Nov 29, 2017 19:41 |
|
karoshi posted:That page contains the word (trigger warning) "vendor" 12 times. There will be multiple vendor/ODM partitions that survive a system upgrade. Those are a juicy target. "SHIP IT!" vendor implementations will make those juicy targets easy to hit. It's an abstraction layer for vendor code, of course it loving includes the word vendor. It also separates out vendor code and allows us to better isolate it, it's an all around good thing.
|
# ? Nov 29, 2017 19:43 |
|
karoshi posted:Sir, this is the SecLOL thread, not the sensible software architecture thread. No, the vendor code cannot inject a tracking dll into apps.
|
# ? Nov 29, 2017 19:45 |
|
another oddity: https://twitter.com/Viss/status/935943453615124480
|
# ? Nov 29, 2017 19:50 |
|
this is now my favorite thing https://twitter.com/SweeneyABC/status/935942616167960576
|
# ? Nov 29, 2017 19:51 |
|
Diva Cupcake posted:this is now my favorite thing
|
# ? Nov 29, 2017 19:54 |
|
guess its fixed now https://support.apple.com/en-us/HT208315
|
# ? Nov 29, 2017 19:56 |
|
Diva Cupcake posted:this is now my favorite thing please be real
|
# ? Nov 29, 2017 20:07 |
|
Powaqoatse posted:guess its fixed now it's fixed and apple seems to have taken the very rare step of making the update a mandatory insta-install
|
# ? Nov 29, 2017 20:14 |
|
tons of posts on reddit about "well, if you have local access to the computer then you can do anything so when you think about it this is NBD" with regards to the apple root hole
|
# ? Nov 29, 2017 20:25 |
|
Condiv posted:tons of posts on reddit about "well, if you have local access to the computer then you can do anything so when you think about it this is NBD" with regards to the apple root hole
|
# ? Nov 29, 2017 20:32 |
|
Diva Cupcake posted:this is now my favorite thing Blessed are the cjs, for they alone shall save or sabotage the masters' tools.
|
# ? Nov 29, 2017 20:39 |
|
omg
|
# ? Nov 29, 2017 20:43 |
|
|
# ? May 14, 2024 22:44 |
|
5
|
# ? Nov 29, 2017 20:46 |