Wiggly Wayne DDS
Sep 11, 2010



there's also a strongly implied traffic correlation attack in leaked nsa docs relying on low-latency connections near the nodes

how much of this is used in practice or no longer possible is a matter of speculation


Rufus Ping
Dec 27, 2006





I'm a Friend of Rodney Nano

Wiggly Wayne DDS posted:

there's also a strongly implied traffic correlation attack in leaked nsa docs relying on low-latency connections near the nodes

you got a link to this?


theres also netflow-based traffic analysis, frustrated since 2017 by prop-251

duz
Jul 11, 2005

Come on Ilhan, lets go bag us a shitpost


Salt Fish posted:

I already read in this thread that tor doesn't make you anonymous, and that because such a large fraction is run by police that it's useless for crimes, and now you're telling me it's all pedophiles? Which is it?

The EFF has a bunch of stories about journalists in China and elsewhere using it, are those journalists pedophiles or...?

im told pedophiles have taken over an area of the internet the size of ireland

Wiggly Wayne DDS
Sep 11, 2010



Rufus Ping posted:

you got a link to this?


theres also netflow-based traffic analysis, frustrated since 2017 by prop-251

that was working off of memory of a quick glance at the docs as they came out. after further inspection i was conflating nsa's generic quantum program for low-latency packet injection which had a side project into tor (cookie reads/injects) with a different joint task. gchq had a r&d project called quick ant that specifically was looking into low latency de-anonymisation (jan 2012):

quote:

Previous Work/Current Techniques:
...
. QUICK ANT - Low latency deanonymisation. Prototype under evaluation.
. Introducing timing patterns - report available
. Hidden service investigation - report available
. Shaping research - some initial experiments.

and a later report (june 2012) mentioned success at de-anonymising a small faction with manual analysis, but later goes into detail:

quote:

Analytics:

Goes Inta Goes Outta/Low Latency

Find possible alternative accounts for a target: look
for connections to Tor, from the target’s
suspected country, near time of target’s activity.

• Current: GCHQ has working version (QUICKANT). R has
alpha tested NSA’s version. NSA’s version produced no
obvious candidate selectors.

• Goal: Figure out if QUICKANT works, compare
methodologies. Gathering data for additional tests of
NSA’s version (consistent, random and heavy user)

no doubt techniques have been mitigated, broken again, mitigated, etc

spankmeister
Jun 15, 2008






https://www.washingtonpost.com/worl...6987_story.html


Get hosed assflange

Wiggly Wayne DDS
Sep 11, 2010



no one uses drupal anyway

https://twitter.com/codeincarnate/status/979080318966730753

Wiggly Wayne DDS
Sep 11, 2010



https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20180328-xesc

quote:

CVE-2018-0150 Cisco IOS XE Software Static Credential Vulnerability

A vulnerability in Cisco IOS XE Software could allow an unauthenticated, remote attacker to log in to a device running an affected release of Cisco IOS XE Software with the default username and password that are used at initial boot.

The vulnerability is due to an undocumented user account with privilege level 15 that has a default username and password. An attacker could exploit this vulnerability by using this account to remotely connect to an affected device. A successful exploit could allow the attacker to log in to the device with privilege level 15 access.

...

Workarounds
To address this vulnerability, administrators may remove the default account by using the no username cisco command in the device configuration. Administrators may also address this vulnerability by logging in to the device and changing the password for this account.

i feel like the nsa suite hasn't been used in a while :nsa: :nsallears: :nsamad: :nsacloud: :nsavince:

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

in this age of microcode exploits and side channels, it’s nice to see someone pulling out the classics

evil_bunnY
Apr 2, 2003

Subjunctive posted:

in this age of microcode exploits and side channels, it’s nice to see someone pulling out the classics

seriously feels like an adv for $20 d-links

apseudonym
Feb 25, 2011


What does privilege level 15 mean?

spankmeister
Jun 15, 2008






apseudonym posted:

What does privilege level 15 mean?

It's the highest on Cisco gear, so root or SYSTEM

apseudonym
Feb 25, 2011

spankmeister posted:

It's the highest on Cisco gear, so root or SYSTEM

Lol

Subjunctive
Sep 12, 2006

✨sparkle and shine✨

privilege level 15 means never having to say you’re sorry

neutral milf hotel
Oct 9, 2001

by Fluffdaddy

spankmeister posted:

It's the highest on Cisco gear, so root or SYSTEM

lol oh wow

Kazinsal
Dec 13, 2011
priv 15 is basically as far up as you can get without being outside the IOS sandbox

you can't literally root the box with it but you can configure and show *everything*

CommieGIR
Aug 22, 2006

The blue glow is a feature, not a bug


Pillbug
Still using SMBv1? Wonder who is?

Boeing. Boeing is.

https://twitter.com/dominicgates/status/979120526831464448

Deep Dish Fuckfest
Sep 6, 2006

Advanced
Computer Touching


Toilet Rascal
i think the first airplane crashing due to ransomware will be a pretty good milestone for marking the start of the cyberpunk era

Shame Boy
Mar 2, 2010

Deep Dish Fuckfest posted:

i think the first airplane crashing due to ransomware will be a pretty good milestone for marking the start of the cyberpunk era

don't worry they've separated the avionics from the entertainment system by a very secure-looking firewall graphic

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum
it's not too hard to believe that boeing (or a subcontractor) has extremely old diagnostics equipment running on like, windows 2000 boxes. which they "can't" upgrade, because of cost.

Meat Beat Agent
Aug 5, 2007

felonious assault with a sproinging boner
just be sure to look for the little "Norton Secured - Powered by Verisign" sticker on the fuselage and then you're good to go

Methanar
Sep 26, 2013

by the sex ghost
code:
if [ $# -eq 1 ]; then

        # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image
        exec "$@"

else

vOv
Feb 8, 2014

Methanar posted:

code:
if [ $# -eq 1 ]; then

        # if `docker run` only has one arguments, we assume user is running alternate command like `bash` to inspect the image
        exec "$@"

else

idgi, i don't know anything about docker

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

vOv posted:

idgi, i don't know anything about docker

same and i found out it's from jenkins but i don't know anything about jenkins either

spankmeister
Jun 15, 2008






If the number of arguments is 1 run the argument inside the container as a command using exec. I think it just redirects all single-argument docker run commands to docker exec.

I don't really see the problem here? Docker lets you run stuff inside containers it's what it's supposed to do

geonetix
Mar 6, 2011


anthonypants posted:

same and i found out it's from jenkins but i don't know anything about jenkins either

Docker is not from Jenkins I’m afraid. Docker is a lot more hipster and dumb

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum

geonetix posted:

Docker is not from Jenkins I’m afraid. Docker is a lot more hipster and dumb

i know they're different products that's why i said either

crazysim
May 23, 2004
I AM SOOOOO GAY

Meat Beat Agent posted:

just be sure to look for the little "Norton Secured - Powered by Verisign" sticker on the fuselage and then you're good to go

what if it says "McAfee Secured - Powered by Symantec"?

Shame Boy
Mar 2, 2010

geonetix posted:

Docker is not from Jenkins I’m afraid. Docker is a lot more hipster and dumb

docker itself is fine, it's just nobody uses it correctly since it's much easier to just use it as "lovely VM substitute with something resembling NPM bolted on"

geonetix
Mar 6, 2011


sure, if breaking your API every other release and updating every two weeks is your definition of fine and sustainable for business

fins
May 31, 2011

Floss Finder

you forgot :downsa:

Potato Salad
Oct 23, 2014

nobody cares


:nsallears: looks like John Roberts to me, and I'm starting to wonder if that's intentional

Captain Foo
May 11, 2004

we vibin'
we slidin'
we breathin'
we dyin'

Potato Salad posted:

:nsallears: looks like John Roberts to me, and I'm starting to wonder if that's intentional



it's not

Wiggly Wayne DDS
Sep 11, 2010



fins posted:

you forgot :downsa:

i thought i was missing a few, that's just the list from https://forums.somethingawful.com/misc.php?action=showsmilies

Agile Vector
May 21, 2007

scrum bored



Meat Beat Agent posted:

just be sure to look for the little "Norton Secured - Powered by Verisign" sticker on the fuselage and then you're good to go

99.999% uptime should be good enough for anybody

anthonypants
May 6, 2007

by Nyc_Tattoo
Dinosaur Gum
so microsoft hosed up their meltdown patches on windows 7/2008r2 and on tuesday some guy wrote a blog about it, and said it was resolved in the march security update







except..............it wasn't, but microsoft released a fix for it today. good luck to everyone who's brave enough to install kb4100480

evil_bunnY
Apr 2, 2003

hahahahaha the desktop guys at the office are going to be *thrilled*

dpkg chopra
Jun 9, 2007

Fast Food Fight

Grimey Drawer

quote:

To the MyFitnessPal Community:

We are writing to notify you about an issue that may involve your MyFitnessPal account information. We understand that you value your privacy and we take the protection of your information seriously.

On March 25, 2018, we became aware that during February of this year an unauthorized party acquired data associated with MyFitnessPal user accounts. The affected information included usernames, email addresses, and hashed passwords - the majority with the hashing function called bcrypt used to secure passwords.

Once we became aware, we quickly took steps to determine the nature and scope of the issue. We are working with leading data security firms to assist in our investigation. We have also notified and are coordinating with law enforcement authorities.

We are taking steps to protect our community, including the following:
We are notifying MyFitnessPal users to provide information on how they can protect their data.
We will be requiring MyFitnessPal users to change their passwords and urge users to do so immediately.
We continue to monitor for suspicious activity and to coordinate with law enforcement authorities.
We continue to make enhancements to our systems to detect and prevent unauthorized access to user information.
We take our obligation to safeguard your personal data very seriously and are alerting you about this issue so you can take steps to help protect your information. We recommend you:
Change your password for any other account on which you used the same or similar information used for your MyFitnessPal account.
Review your accounts for suspicious activity.
Be cautious of any unsolicited communications that ask for your personal data or refer you to a web page asking for personal data.
Avoid clicking on links or downloading attachments from suspicious emails.
For more information, please go to https://content.myfitnesspal.com/security-information/FAQ.html.

Sincerely,

Paul Fipps
Chief Digital Officer

hackers know I've been eating too many carbs

Potato Salad
Oct 23, 2014

nobody cares


anthonypants posted:

so microsoft hosed up their meltdown patches on windows 7/2008r2 and on tuesday some guy wrote a blog about it, and said it was resolved in the march security update







except..............it wasn't, but microsoft released a fix for it today. good luck to everyone who's brave enough to install kb4100480

I just

gently caress

I

:eng99: i need more money, more bodies, fuckit

vOv
Feb 8, 2014

anthonypants posted:

so microsoft hosed up their meltdown patches on windows 7/2008r2 and on tuesday some guy wrote a blog about it, and said it was resolved in the march security update







except..............it wasn't, but microsoft released a fix for it today. good luck to everyone who's brave enough to install kb4100480

i'm still incredibly amused that the secfuck wasn't some obscure thing, it was literally just a pml4 self-reference set to user instead of supervisor
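
The flaw described in the post above, as an added example (not code from the thread or from Microsoft): a check over a constructed PML4 table that finds the self-referencing entry and reports whether its U/S bit leaves it reachable from user mode. The table contents, the physical address and the slot index 0x1ED are sample values chosen here.

```c
#include <stdint.h>
#include <stdio.h>

#define PTE_PRESENT  (1ULL << 0)            /* P: entry is valid */
#define PTE_WRITE    (1ULL << 1)            /* R/W: writable */
#define PTE_USER     (1ULL << 2)            /* U/S: 1 = usable from user mode */
#define PTE_ADDR     0x000FFFFFFFFFF000ULL  /* bits 12..51: physical frame */
#define PML4_ENTRIES 512

/* Index of a present PML4 entry whose frame is the PML4 itself, or -1. */
int find_self_ref(const uint64_t *pml4, uint64_t pml4_phys)
{
    for (int i = 0; i < PML4_ENTRIES; i++)
        if ((pml4[i] & PTE_PRESENT) &&
            (pml4[i] & PTE_ADDR) == (pml4_phys & PTE_ADDR))
            return i;
    return -1;
}

/* 1 if the self-reference is user-accessible (the misconfiguration),
   0 if it is supervisor-only, -1 if the table has no self-reference. */
int self_ref_user_accessible(const uint64_t *pml4, uint64_t pml4_phys)
{
    int i = find_self_ref(pml4, pml4_phys);
    if (i < 0) return -1;
    return (pml4[i] & PTE_USER) ? 1 : 0;
}

/* Virtual address at which the PML4 maps itself through slot i: the same
   index is used at all four levels of the page walk. */
uint64_t self_map_va(int i)
{
    uint64_t idx = (uint64_t)i & 0x1FF;
    uint64_t va = (idx << 39) | (idx << 30) | (idx << 21) | (idx << 12);
    if (idx & 0x100) va |= 0xFFFF000000000000ULL;  /* canonical sign extension */
    return va;
}

/* Constructed sample: one self-referencing entry in slot 0x1ED. */
int demo(int user_bit)
{
    static uint64_t pml4[PML4_ENTRIES];     /* zeroed: all other slots absent */
    uint64_t phys = 0x1AD000;               /* constructed physical address */
    pml4[0x1ED] = phys | PTE_PRESENT | PTE_WRITE | (user_bit ? PTE_USER : 0);
    return self_ref_user_accessible(pml4, phys);
}

int main(void)
{
    printf("user=%d supervisor=%d va=%#llx\n", demo(1), demo(0),
           (unsigned long long)self_map_va(0x1ED));
    return 0;
}
```

With the U/S bit set on that one entry, every level of the page tables is visible through the self-map from user mode; with it clear, the same mapping is kernel-only.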


My PIN is 4826
Aug 30, 2003

Ur Getting Fatter posted:

quote:

We are taking steps

hackers know I've been eating too many carbs

10,000 steps a day, am i rite
