|
Absurd Alhazred posted:If you were wondering what happened to TrueCrypt... what the fuuuuuuuuuuuuuuuuuuuuck this is some Kaiser Soze poo poo, except he's briefly disguising himself as Bruce Schneider instead of Verbal Kent
|
#
?
Jan 27, 2018 01:11
|
|
|
|
| # ? May 10, 2024 10:17 |
|
|
All this spectre/meltdown stuff, what's the actual risk to the kind of end-user who only uses their unpatched device for loving around on social media? A malicious JS somehow runs for days and eventually pulls a cached password out of memory?
|
|
#
?
Jan 27, 2018 02:54
|
|
|
Mr Chips posted:All this spectre/meltdown stuff, what's the actual risk to the kind of end-user who only uses their unpatched device for loving around on social media? A malicious JS somehow runs for days and eventually pulls a cached password out of memory? But yes passwords, or any files you've opened recently. Not many other paths to get in.
|
|
#
?
Jan 27, 2018 03:03
|
|
|
Malicious JS runs for seconds and pulls current passwords out of memory as you type them.
|
|
#
?
Jan 27, 2018 03:04
|
|
|
Cheers. For this hypothetical home user, how important is a microcode update if the OS and browser are patched?
|
|
#
?
Jan 27, 2018 03:15
|
|
|
Diva Cupcake posted:Nothing matters. 
|
|
#
?
Jan 27, 2018 07:45
|
|
|
Absurd Alhazred posted:If you were wondering what happened to TrueCrypt... I am on Episode 6. BEWARE! This rabbit hole is loving DEEP!
|
|
#
?
Jan 27, 2018 09:08
|
|
|
22 Eargesplitten posted:I know the answer is wipe and reinstall if you think there might be a virus, but if I can’t convince someone to do that, what’s the next best thing? I’m taking a look at my neighbor’s dad’s computer in exchange for a tow my neighbor gave me. He thinks there’s a virus. He might have adware or just a PC full of random poo poo but the probability of a random user being able to actually detect a virus on their PC is near nonexistent. Why does he think he have a virus? There is probably something else wrong and you should focus on determining why he is concerned and tracking down whatever its root cause is, instead of focusing too much on his speculation of evil hacker viruses.
|
|
#
?
Jan 27, 2018 17:49
|
|
|
Yeah, I'm really hoping it's not a virus. The thing is that it's my neighbor's dad's, and his dad is halfway across the country (at a cancer treatment center), so all I've got to go on is second hand. It probably is just slow and full of bloat and ads. Is there anything else I should be running to search for poo poo, though? If I find Bonzi Buddy somehow I'll make sure to let you all know.
|
|
#
?
Jan 27, 2018 18:31
|
|
|
My general tidy-up flow for relatives etc is very simple. If there is something undesirable-but-not-outright-virus running on the PC, the crucial bit is that it has to run to do anything. This means that it either exists as its own process or as a plugin in some other process. So I just go through all browser plugins, removing any that seem suspect, and then go through all running and autostarting processes, removing any that are suspect from disk and autostart. That's it - last time I encountered something that needed anything more in depth than this on a personal device was over 15 years ago. Sysinternals procexp and autoruns are good tools for this. It does rather require you to have a good feel for what is expected and what is not, though.
|
|
#
?
Jan 27, 2018 22:30
|
|
|
My parents only use web pages and were already exclusively users of Gmail etc., so a Chromebox was the ideal thing for them. As long as it's plugged in it works.
|
|
#
?
Jan 27, 2018 22:33
|
|
|
ComboFix was always my go-to for bringing a malware'd box back to sanity when they REALLY didn't want to wipe and reinstall. Looks like it still exists and is still being updated, although I haven't used it in years and can't speak to how well it currently works. https://www.bleepingcomputer.com/download/combofix/
|
|
#
?
Jan 27, 2018 23:38
|
|
|
Bleeping computer in general is a pretty good resource for cleaning up personal computers.
|
|
#
?
Jan 27, 2018 23:42
|
|
|
EssOEss posted:My general tidy-up flow for relatives etc is very simple. If there is something undesirable-but-not-outright-virus running on the PC, the crucial bit is that it has to run to do anything. This means that it either exists as its own process or as a plugin in some other process. I taught my mom to learn how to use noscript and i love she was able to reconize how much bullshit it blocks when you start blocking everything not five of her main websites she visits. She even brags about it to while my uncles, aunt's, and cousin computers are constantly being infected by malware.
|
|
#
?
Jan 28, 2018 01:29
|
|
|
Powered Descent posted:ComboFix was always my go-to for bringing a malware'd box back to sanity when they REALLY didn't want to wipe and reinstall. Looks like it still exists and is still being updated, although I haven't used it in years and can't speak to how well it currently works. Congrats on using an awful tool to address malware. Read this thread: https://forums.somethingawful.com/showthread.php?threadid=3723583
|
|
#
?
Jan 28, 2018 09:26
|
|
|
https://twitter.com/pwnallthethings/status/957681287740968961
|
|
#
?
Jan 28, 2018 19:59
|
|
|
That strava heat map is insane. I played with it last night and it’s stupid easy to find sensitive locations pretty much anywhere you want to look around.
|
|
#
?
Jan 28, 2018 21:22
|
|
|
Lain Iwakura posted:Congrats on using an awful tool to address malware. Is the Sophos bootable thing still the best way to go? And since it boots it’s own OS, there’s no risk of bringing something back on the USB drive when it goes into another computer, right?
|
|
#
?
Jan 28, 2018 22:01
|
|
|
22 Eargesplitten posted:I’ll download Malwarebytes Scroll up like 10 posts. E: in another thread 
|
|
#
?
Jan 29, 2018 01:54
|
|
|
Subjunctive posted:Scroll up like 10 posts. Does Malwarebyes suck now or always? We always used it at two jobs I had. What I found out shortly before leaving the last one was that we used it illegally because we used the free download version which has a line in the EULA forbidding business use.
|
|
#
?
Jan 29, 2018 02:04
|
|
|
It, like all anti viruses, can only detect a small number of attacks and cannot guarantee that you got everything. In exchange for this questionable value you increase the size of your computer’s attack surface.
|
|
#
?
Jan 29, 2018 02:07
|
|
|
I think I found this on SA but I can't remember where so here we go Opsec https://twitter.com/tobiaschneider/status/957317886112124928
|
|
#
?
Jan 29, 2018 02:19
|
|
|
Were we having a hard time finding military bases before?
|
|
#
?
Jan 29, 2018 02:51
|
|
|
I think it's less being able to find military bases and more being able to see patrol routes and traffic patterns. Though, I question exactly how useful that is either.
|
|
#
?
Jan 29, 2018 03:01
|
|
|
Thermopyle posted:I think it's less being able to find military bases and more being able to see patrol routes and traffic patterns. People go to prison for collecting exactly this kind of information for the enemy.
|
|
#
?
Jan 29, 2018 03:03
|
|
|
Absurd Alhazred posted:People go to prison for collecting exactly this kind of information for the enemy. Yes, but that doesn't mean it's terribly useful information either. People go to prison for lots of things that are silly.
|
|
#
?
Jan 29, 2018 03:04
|
|
|
Thermopyle posted:I think it's less being able to find military bases and more being able to see patrol routes and traffic patterns. lol
|
|
#
?
Jan 29, 2018 03:04
|
|
|
Thermopyle posted:Yes, but that doesn't mean it's terribly useful information either. People go to prison for lots of things that are silly. If you're planning an attack on a base it's this kind of information you want.
|
|
#
?
Jan 29, 2018 03:05
|
|
|
Though, probably useful is the wrong word. What I really mean, is how likely it is that someone is going to use Strava to do something bad rather than getting their own data. In other words, will there be an attack on a base because of this data that wouldn't happen otherwise. I'm not convinced.
|
|
#
?
Jan 29, 2018 03:05
|
|
|
orange sky posted:I think I found this on SA but I can't remember where so here we go Strava heatmap has been around for years, what’s new about this? Jose Valasquez posted:Were we having a hard time finding military bases before? I know of 6 military bases in my state, all of them are visible on google maps.
|
|
#
?
Jan 29, 2018 03:06
|
|
|
Thermopyle posted:Though, probably useful is the wrong word. you, an internet poster: "how is where our staff are jogging every single morning useful info??" also you: "  "
|
|
#
?
Jan 29, 2018 03:10
|
|
|
Truga posted:you, an internet poster: "how is where our staff are jogging every single morning useful info??" Except I'm not saying "how is this useful information".
|
|
#
?
Jan 29, 2018 03:14
|
|
|
Truga posted:you, an internet poster: "how is where our staff are jogging every single morning useful info??" In my experience gyms and pt routes are clearly marked on post. Also, if you are not a felon, get a job as a pizza delivery driver in the town closest to the base in question and you will get more and more useful information than I’ve seen on these strava screenshots.
|
|
#
?
Jan 29, 2018 03:14
|
|
|
The Fool posted:In my experience gyms and pt routes are clearly marked on post. Who is delivering pizza to FOBs in Afghanistan?
|
|
#
?
Jan 29, 2018 03:16
|
|
|
The Fool posted:In my experience gyms and pt routes are clearly marked on post. Exactly. The few I've looked at it's not even a big surprise. Oh, people jog around the main thoroughfares, what a surprise.
|
|
#
?
Jan 29, 2018 03:16
|
|
|
you could go to the effort of doing all that poo poo, but on the other hand, you're an errorist in afghanistan, so you just go to strava.com and circumvent all that 
|
|
#
?
Jan 29, 2018 03:17
|
|
|
Truga posted:you could go to the effort of doing all that poo poo, but on the other hand, you're an errorist in afghanistan, so you just go to strava.com and circumvent all that For much worse data, no?
|
|
#
?
Jan 29, 2018 03:19
|
|
|
Supposedly part of the leaked data set can include individuals' profiles. China could do some simple data mining against all those SF-86s they got from OPM and figure out where individuals are stationed.
|
|
#
?
Jan 29, 2018 03:20
|
|
|
hobbesmaster posted:Who is delivering pizza to FOBs in Afghanistan? http://newsfeed.time.com/2011/02/24/pizza-hut-re-opens-in-afghanistan-soldiers-satisfy-year-long-pepperoni-cravings/
|
|
#
?
Jan 29, 2018 03:21
|
|
|
|
| # ? May 10, 2024 10:17 |
|
|
I don't see how identifying even the tiniest military outpost's exact location, possibly several of their inhabitants real identities, and their actual real life physical movements could ever be meaningfully used against them by someone with bad intentions when all you have to do is get a pizza route in Mosul.
|
|
#
?
Jan 29, 2018 03:22
|
|