|
Mr.Radar posted:@associatedbank Lol, guess where I was just thinking of applying, too? Nooooooooooope.jpg! https://twitter.com/Schadenboner/status/964512172545073152 Schadenboner fucked around with this message at 15:50 on Feb 16, 2018 |
# ? Feb 16, 2018 15:47 |
|
|
# ? Jun 7, 2024 19:36 |
|
Shaggar posted:cool. I remember doing xbox softmods w/ some MechWarrior save exploit or something. it was easy as hell but it had a similar problem where if the clock poo poo the bed you were hosed if you hadn't already unlocked the drive. Cocoa Crispies posted:yeah iirc you used the corrupt mechassault save to get code execution, then replaced a dashboard font to get persistence The font exploit would normally trigger when the dashboard loaded, it'd swap out the cert chain in memory so applications signed with the "homebrew key" could instead be loaded, then you'd chain from there to something like Phoenix BIOS Loader which could swap out the entire Xbox BIOS in memory with one of the modified ones and you were set to go. The problem was if the clock wasn't set or had lost power the dashboard wouldn't load and instead the system would try to bring up a "set the clock" screen, which used the same font and thus triggered the bug, but just crashed rather than being exploited. You could not just unlock the drive and leave it, as the stock BIOS won't boot on an unlocked drive. It was trivial to extract the EEPROM in which the unlock code was stored (as well as a few other fun things) once you had booted a third party dashboard replacement, but a lot of people forgot to do that or stupidly saved it to the (still locked) hard drive. At some point they did work around this and were able to create clock-safe softmods, but I had moved on to a hardware chip at that point so my knowledge of the details falls off a cliff there. I made a bunch of beer money in college using my modchip with a solderless adapter to recover people's xboxes that had softmods and other things go wrong.
|
# ? Feb 16, 2018 16:09 |
|
After some good natured testing, we have managed to brick a coworkers iPhone X by making siri read the cursed glyph in a text message. It's literally trapped in a boot loop right now and he can't make it go into DFU mode.
|
# ? Feb 16, 2018 16:49 |
|
secfuck: i joined a union recently and upon receiving my membership details i found i was unable to login to their website. reset password wasn't working so i e-mailed my rep who changed my password to "<SURNAME>.123!" and e-mailed it to me in the clear. then when i logged in it did not force me to change it. a shameful display
|
# ? Feb 16, 2018 16:58 |
|
cheese-cube posted:secfuck: i joined a union recently and upon receiving my membership details i found i was unable to login to their website. reset password wasn't working so i e-mailed my rep who changed my password to "<SURNAME>.123!" and e-mailed it to me in the clear. then when i logged in it did not force me to change it. a shameful display Extremely hn voice: "Clearly this is just more evidence that unions are a failed anchor on the economy."
|
# ? Feb 16, 2018 17:01 |
|
see if you can organise the userbase into convincing them to fix this
|
# ? Feb 16, 2018 17:06 |
|
Wiggly Wayne DDS posted:see if you can organise the userbase into convincing them to fix this yeah that's a good idea, thanks. i already replied to my rep advising how their current poo poo is garbage but if they don't improve things i'll start reaching out to membership. CHANGE FROM WITHIN, MOTHERFUCKERSSSSS
|
# ? Feb 16, 2018 17:16 |
|
as someone who provides services to a couple of union locals, let me assure you, unless you stop them from doing so the average member will make their password <surname><membership number>
|
# ? Feb 16, 2018 17:27 |
|
infernal machines posted:as someone who provides services to a couple of union locals, let me assure you, unless you stop them from doing so the average member will make their password <surname><membership number> lol great, the two things readily available on your membership card
|
# ? Feb 16, 2018 17:39 |
|
in solidarity, wild eeprom
|
# ? Feb 16, 2018 17:42 |
|
someone in the greys cannot understand why lastpass is garbage more at 11...
|
# ? Feb 16, 2018 18:50 |
|
p sure that dingus is a troll or a legit shill
|
# ? Feb 16, 2018 19:10 |
|
i'm sorry okay just explain what the issue is with my posts
|
# ? Feb 16, 2018 19:13 |
|
Wiggly Wayne DDS posted:i'm sorry okay just explain what the issue is with my posts you keep making them!
|
# ? Feb 16, 2018 19:17 |
|
meh
|
# ? Feb 16, 2018 19:18 |
|
what the gently caress is "Brave" in the context of that greydingus?
|
# ? Feb 16, 2018 20:09 |
|
cheese-cube posted:what the gently caress is "Brave" in the context of that greydingus?
|
# ? Feb 16, 2018 20:11 |
|
i'll never get over the mindset of people using knock-off versions of popular software with 'improvements' bolted on
|
# ? Feb 16, 2018 20:18 |
|
anthonypants posted:a web browser based on chrome but from the guy who got kicked out of being the ceo of mozilla it also uses some bullshit attention token to pay publishers whose ads and tracking it blocks
|
# ? Feb 16, 2018 20:20 |
|
also it encourages you to put money into an online wallet that it will use to give "microdonations" to content creators in lieu of showing advertisements no one actually is quite sure how the system works.
|
# ? Feb 16, 2018 20:20 |
|
i think i'll stick with my current browser and ublock
|
# ? Feb 16, 2018 20:23 |
|
so has intel/amd made any announcements on how/when they plan to change the architecture of their chips to fix meltdown/specter?
|
# ? Feb 16, 2018 20:24 |
|
Intel's too busy trying to find a way to sell people hardware tokens to turn software RAID on and AMD is too busy selling their graphics chips to Intel
|
# ? Feb 16, 2018 20:25 |
|
architecture? at least 3 years away optimistically
|
# ? Feb 16, 2018 20:26 |
|
Kuvo posted:so has intel/amd made any announcements on how/when they plan to change the architecture of their chips to fix meltdown/specter? there's no way in hell that happens in 2018 so they are unlikely to want to talk about it small tweaks that make the heavy microcode fixes more efficient to do maybe, but the full fix is way down the line
|
# ? Feb 16, 2018 20:33 |
|
wasn't one of the reasons linus got pissed off on the lkms because intel wasn't going to stop selling the same broken chips
|
# ? Feb 16, 2018 20:51 |
|
if so, i'm not sure what he thinks their other option is
|
# ? Feb 16, 2018 20:53 |
|
anthonypants posted:wasn't one of the reasons linus got pissed off on the lkms because intel wasn't going to stop selling the same broken chips the main reason Linus was pissed at Intel was that Intel was publicly taking the position that their chips aren't broken, your software is broken, and in the future Intel will graciously offer a feature that allows your broken software to opt in to a special mode that works around your software's brokenness
|
# ? Feb 16, 2018 20:58 |
|
pseudorandom name posted:the main reason Linus was pissed at Intel was that Intel was publicly taking the position that their chips aren't broken, your software is broken, and in the future Intel will graciously offer a feature that allows your broken software to opt in to a special mode that works around your software's brokenness
|
# ? Feb 16, 2018 20:59 |
|
pseudorandom name posted:the main reason Linus was pissed at Intel was that Intel was publicly taking the position that their chips aren't broken, your software is broken, and in the future Intel will graciously offer a feature that allows your broken software to opt in to a special mode that works around your software's brokenness also they kept panic commiting garbage kernel code or something
|
# ? Feb 16, 2018 21:01 |
|
I use brave on mobile because it is basically chrome but with ad blocking which is not available on mobile chrome
|
# ? Feb 16, 2018 21:11 |
|
spankmeister posted:I use brave on mobile because it is basically chrome but with ad blocking which is not available on mobile chrome I use Purify on iOS. That way I don't have to use Chrome, or lovely versions of Chrome.
|
# ? Feb 16, 2018 21:13 |
|
you should use firefox for android, so you can use the real adblocking solution ublock origin
|
# ? Feb 16, 2018 21:30 |
|
yeah, for android the firefox quantum updates are really nice. only downside I've found is that some sites don't test against it, so you get wacky page renders once in a while
|
# ? Feb 16, 2018 22:39 |
|
cheese-cube posted:p sure that dingus is a troll or a legit shill elcondemn? he's definitely a major shithead
|
# ? Feb 17, 2018 00:41 |
|
Schadenboner posted:Lol, guess where I was just thinking of applying, too? Seems like this is getting a bit more attention now https://twitter.com/briankrebs/status/964538799962361856
|
# ? Feb 17, 2018 13:10 |
|
I like to think there’s someone out there who reads all of their emails and webpages via Windows Notepad like some kind of Richard M. Shaggar
|
# ? Feb 17, 2018 14:46 |
|
GTO posted:Seems like this is getting a bit more attention now https://twitter.com/briankrebs/status/964538799962361856 Oh poo poo, I cannot into responsible disclosure.
|
# ? Feb 17, 2018 15:28 |
|
Schadenboner posted:Oh poo poo, I cannot into responsible disclosure. Honestly I'm not sure why he thinks his tweet prevents people from finding out which bank it is when the bank is named multiple times in the replies to the tweet anyway. If bad guys are going to find out, they've already found out. The only question now is whether publicising the fuckup 10 days before it actually happens might be enough time to get the bank to change their mind and fix it.
|
# ? Feb 17, 2018 15:41 |
|
|
# ? Jun 7, 2024 19:36 |
|
Schadenboner posted:Lol, guess where I was just thinking of applying, too? Thanks for the tweet. And guess what, I got a letter in the physical mail yesterday with the same information.
|
# ? Feb 17, 2018 16:05 |