|
Chris Knight posted:physical secfuck i just saw an ad for this on actual tv and the example users are people too dumb to remember a combo or remember their keys after being out and locking their bikes so idk maybe this is a real deterrent to that audience
|
#
?
Jun 17, 2018 03:13
|
|
|
|
| # ? Jun 8, 2024 21:46 |
|
|
Lutha Mahtin posted:i have never heard of AT commands before this 
|
|
#
?
Jun 17, 2018 03:15
|
|
|
Agile Vector posted:i just saw an ad for this on actual tv and the example users are people too dumb to remember a combo or remember their keys after being out and locking their bikes so idk maybe this is a real deterrent to that audience i mean it's not even a normal screw it's one of those magical torx bits that only the police are allowed to have probably
|
|
#
?
Jun 17, 2018 03:16
|
|
|
This *is* my favorite time of year as paid research gets accepted to blackhat, especially the stunt hacking and now all the press release and marketing hype begins. Saw a great talk at hushcon about the difference between them having their corp pr and marketing behind them for a talk (articles in sites, magazines, blog posts, interviews) and having them be actively silenced and having no pr/marketing cause of a lawsuit threat (and other shenanigans). However I generally do talks with no PR or marketing so...............
|
|
#
?
Jun 17, 2018 03:20
|
|
|
anthonypants posted:lmao Lmao
|
|
#
?
Jun 17, 2018 03:31
|
|
|
Same. drat kids.
|
|
#
?
Jun 17, 2018 08:30
|
|
|
Optimus_Rhyme posted:This *is* my favorite time of year as paid research gets accepted to blackhat, especially the stunt hacking and now all the press release and marketing hype begins. I'm doing a project at a company rn and they have like 3 accepted talks. I think it's because they do fault injection and side channel analysis which is actually interesting and difficult and not something joebob the IDS vendor can do.
|
|
#
?
Jun 17, 2018 08:32
|
|
|
ate all the Oreos posted:i mean it's not even a normal screw it's one of those magical torx bits that only the police are allowed to have probably
|
|
#
?
Jun 17, 2018 08:53
|
|
|
jeff would never allow such criminality on his platform
|
|
#
?
Jun 17, 2018 08:56
|
|
|
I broke into a server room with a set like that once.
|
|
#
?
Jun 17, 2018 08:59
|
|
|
spankmeister posted:I broke into a server room with a set like that once. i hear they're good for scooters
|
|
#
?
Jun 17, 2018 09:12
|
|
|
|
|
#
?
Jun 17, 2018 09:38
|
|
|
if you're carrying those around it's evidence of malfeasance
|
|
#
?
Jun 17, 2018 13:20
|
|
|
it’s actually just a straight-up standard torx head, so 1) go to pretty much any auto shop or 2) just use a small flathead signed,
|
|
#
?
Jun 17, 2018 13:34
|
|
|
~Coxy posted:if you're carrying those around it's evidence of malfeasance At least in Wisconsin, simple possession of burglarious tools isn't actually criminal (although like anything else, the probable cause is on a sliding scale w/r/t your pantone shade)? Schadenboner fucked around with this message at 14:30 on Jun 17, 2018 |
|
#
?
Jun 17, 2018 14:02
|
|
|
carry a dremel and dremel a slot into the screw
|
|
#
?
Jun 17, 2018 14:23
|
|
|
|
|
#
?
Jun 17, 2018 14:30
|
|
|
spankmeister posted:I broke into a server room with a set like that once. *in extremely cellphone repair tech voice* i'm in
|
|
#
?
Jun 17, 2018 16:32
|
|
|
In Texas AT&T linesmen had to have a special certification for their toolkits because they involved wirecutters.
|
|
#
?
Jun 17, 2018 17:04
|
|
|
in the 19th century you’d get strung up for carrying anything that could cut barbed wire, glad to hear those laws are still on the books
|
|
#
?
Jun 17, 2018 17:26
|
|
|
apseudonym posted:More than you think do, but even if they didn't the majority of devices are still newer than 2014. Yes, my laptop that gets firmware,driver, software updates on the regular is less secure than an android from 2014 unpatched it's why I do all my banking and sensitive phone on my huawei from 2014 I would love to continue this convo but I have to go to the bank to ask what some transactions on my statement are as my balance is lower than usual
|
|
#
?
Jun 17, 2018 17:59
|
|
|
Celexi posted:Yes, my laptop that gets firmware,driver, software updates on the regular is less secure than an android from 2014 unpatched Updates are an important but not remotely sufficient part of a secure device because the vast majority of malware exploits no bugs. Masturbating about updates misses the point on how malware actually works in the real world, you don't need to exploit anything on your laptop to get your banking creds out of your browser so why would I bother? Hot takes are fun but do you know the malware numbers on Android? They're published every year.
|
|
#
?
Jun 17, 2018 18:43
|
|
|
apseudonym posted:Updates are an important but not remotely sufficient part of a secure device because the vast majority of malware exploits no bugs. Masturbating about updates misses the point on how malware actually works in the real world, you don't need to exploit anything on your laptop to get your banking creds out of your browser so why would I bother? quote:For the last few years, advertising Trojans have been one of the main threats facing Android users. First, they are very widespread, accounting for more than half of the entries in our ratings. Secondly, they are dangerous, with many exploiting system vulnerabilities to gain root privileges. The Trojans can then get full control of a system and, for example, install their modules in system folders to prevent their removal. In some cases, even resetting the device to factory settings is not enough to get rid of the rooting malware.
|
|
#
?
Jun 17, 2018 19:01
|
|
|
Sec fuckup #1: Physical access is your weak point, always. Ubiquiti cables are tasty to cats, apparently.
|
|
#
?
Jun 17, 2018 20:45
|
|
|
cats love any coated cable.
|
|
#
?
Jun 17, 2018 22:10
|
|
|
Captain Capacitor posted:Sec fuckup #1: Physical access is your weak point, always. Certified unethical cable penetration tester
|
|
#
?
Jun 17, 2018 22:20
|
|
|
ate all the Oreos posted:i mean it's not even a normal screw it's one of those magical torx bits that only the police are allowed to have probably the only secure fastener are those screws they use on bathroom dividers and nintendo security bits
|
|
#
?
Jun 17, 2018 23:25
|
|
|
Just had a microsoft account with a unique 40+ character paasword that I haven't logged into in months get owned. Microsoft blocked the login but how the hell does that happen
|
|
#
?
Jun 17, 2018 23:52
|
|
|
Phone posted:the only secure fastener are those screws they use on bathroom dividers also the welded plastic bubble packages small electronics come in
|
|
#
?
Jun 18, 2018 00:07
|
|
|
One way screws take about twice as long to remove as regular screws you just need a dremel.
|
|
#
?
Jun 18, 2018 00:19
|
|
|
jerry seinfel posted:Just had a microsoft account with a unique 40+ character paasword that I haven't logged into in months get owned. Microsoft blocked the login but how the hell does that happen Probably a basic CSRF attack via adverts and they're slowly testing each garnered account. Microsoft has never been a paragon of security.
|
|
#
?
Jun 18, 2018 00:25
|
|
|
Subjunctive posted:also the welded plastic bubble packages small electronics come in pff just cut through the face with a box cutter
|
|
#
?
Jun 18, 2018 00:44
|
|
|
High quality can opener will have that open in a jiffy
|
|
#
?
Jun 18, 2018 01:29
|
|
|
jerry seinfel posted:Just had a microsoft account with a unique 40+ character paasword that I haven't logged into in months get owned. Microsoft blocked the login but how the hell does that happen mine got owned a couple days ago too probably something on MS end
|
|
#
?
Jun 18, 2018 01:34
|
|
|
arrogant security nerds getting phished is more likely than a Hotmail breach
|
|
#
?
Jun 18, 2018 06:13
|
|
|
Daman posted:arrogant security nerds getting phished is more likely than a Hotmail breach
|
|
#
?
Jun 18, 2018 10:03
|
|
|
it doesn't help that every single login page for Microsoft looks different
|
|
#
?
Jun 18, 2018 10:56
|
|
|
Microsoft just loves to pop up random login prompts with no way to know what application they come from so I'm waiting for some malware that does this to grab login creds.
|
|
#
?
Jun 18, 2018 14:10
|
|
|
Chalks posted:Microsoft just loves to pop up random login prompts with no way to know what application they come from so I'm waiting for some malware that does this to grab login creds. iOS does this too. Random "enter your gmail password" prompts. Why? Who's asking for it?
|
|
#
?
Jun 18, 2018 14:37
|
|
|
|
| # ? Jun 8, 2024 21:46 |
|
|
akadajet posted:iOS does this too. Random "enter your gmail password" prompts. Why? Who's asking for it? are you saying app A can pop over app B?! I have never seen this
|
|
#
?
Jun 18, 2018 15:48
|
|
