|
then what the gently caress else do people use it for
|
# ? Sep 28, 2018 01:14 |
|
|
# ? Jun 9, 2024 01:22 |
|
arent a ridiculous fraction of "models" on instagram prostitutes
|
# ? Sep 28, 2018 01:15 |
|
Shaggar posted:yeah its a sketchy uefi module installed by manufacturers for tracking stolen laptops. its essentially a rootkit and exploits a hijacking of a windows system component (autochk) in order to install itself in the os. It is equally easily hijacked by other, more nefarious malware like the one presented in the article. and this was superseded by microsoft allowing a sepcific ACPI key to just execute the contents as a binary blob on windows boot, so a thid party bios would not have to understand ntfs and overwrite a specific core windows component
|
# ? Sep 28, 2018 01:17 |
|
Janitor Prime posted:you know you can’t hire hit men and hookers on FB right?
|
# ? Sep 28, 2018 01:30 |
|
Janitor Prime posted:you know you can’t hire hit men and hookers on FB right? Shows what u know
|
# ? Sep 28, 2018 01:32 |
|
bob dobbs is dead posted:arent a ridiculous fraction of "models" on instagram prostitutes twitch seems to be full of sex workers nowadays
|
# ? Sep 28, 2018 01:38 |
|
Lysidas posted:and this was superseded by microsoft allowing a sepcific ACPI key to just execute the contents as a binary blob on windows boot, so a thid party bios would not have to understand ntfs and overwrite a specific core windows component that seems like a better idea but its still kind of sketchy for the ultimate goal to be installing software in the os. maybe its something that could be handled out of band instead.
|
# ? Sep 28, 2018 02:03 |
akadajet posted:twitch seems to be full of sex workers nowadays it’s good advertising for them, much like instagram
|
|
# ? Sep 28, 2018 09:52 |
|
akadajet posted:twitch seems to be full of sex workers nowadays gamers are easy marks, so that makes sense
|
# ? Sep 28, 2018 15:13 |
|
https://twitter.com/congressedits/status/1045422483082551302
|
# ? Sep 28, 2018 16:03 |
|
anthonypants posted:you can set windows 10 to make msis do this where is that setting I am interested
|
# ? Sep 28, 2018 16:27 |
|
Farmer Crack-rear end posted:this sounds familiar. is this the same kind of poo poo lenovo was pulling to push their crapware onto windows installs? There's an optional partition on UEFI that you can dump software on to and the Windows install routine will fire that off silently. It was made for OEMs and Lenovo abused it immediately
|
# ? Sep 28, 2018 16:29 |
|
BangersInMyKnickers posted:where is that setting I am interested i don't know what specifically triggers it because there's installers that don't set it off, but non-microsoft .msi packages definitely generate that popup
|
# ? Sep 28, 2018 16:34 |
|
BangersInMyKnickers posted:There's an optional partition on UEFI that you can dump software on to and the Windows install routine will fire that off silently. It was made for OEMs and Lenovo abused it immediately is this distinct from the windows platform binary table https://download.microsoft.com/download/8/A/2/8A2FB72D-9B96-4E2D-A559-4A27CF905A80/windows-platform-binary-table.docx ? because its super easy to get around what youre describing by zeroing a disk before a windows install
|
# ? Sep 28, 2018 16:53 |
|
https://newsroom.fb.com/news/2018/09/security-update/quote:On the afternoon of Tuesday, September 25, our engineering team discovered a security issue affecting almost 50 million accounts. We’re taking this incredibly seriously and wanted to let everyone know what’s happened and the immediate action we’ve taken to protect people’s security.
|
# ? Sep 28, 2018 17:56 |
|
https://www.nytimes.com/2018/09/28/technology/facebook-hack-data-breach.htmlquote:SAN FRANCISCO — Facebook on Friday said an attack on its computer network led to the exposure of information from nearly 50 million of its users. Ron Paul its happening dot gif
|
# ? Sep 28, 2018 17:57 |
|
securing facebook sounds like an impossible nightmare
|
# ? Sep 28, 2018 18:02 |
|
akadajet posted:securing facebook sounds like an impossible nightmare
|
# ? Sep 28, 2018 18:08 |
|
lol that it's the "view as" feature that is probably a rat's nest of poo poo to deal with also they force logged me out today, does that mean my identtiy is stolen
|
# ? Sep 28, 2018 18:09 |
|
anthonypants posted:protect the graph lol
|
# ? Sep 28, 2018 18:10 |
|
Last Chance posted:lol that it's the "view as" feature that is probably a rat's nest of poo poo to deal with I didn't get logged out. So I'd assume all your facebook poo poo was stolen, assuming you have facebook poo poo.
|
# ? Sep 28, 2018 18:13 |
|
anthonypants posted:protect the graph protect deez nuts
|
# ? Sep 28, 2018 18:14 |
|
I wonder how long it’s been broken, and if one person exploited it 90 million times, or if millions of people exploited it a few times. can’t imagine law enforcement would enjoy receiving a csv with 45 million IP addresses to investigate.
|
# ? Sep 28, 2018 18:14 |
|
akadajet posted:I didn't get logged out. So I'd assume all your facebook poo poo was stolen, assuming you have facebook poo poo. luckily ive never put anything on FB that i dont assume is public anyway. hope they like my pics of fllowers and pups
|
# ? Sep 28, 2018 18:23 |
|
Evis posted:I wonder how long it’s been broken, and if one person exploited it 90 million times, or if millions of people exploited it a few times. can’t imagine law enforcement would enjoy receiving a csv with 45 million IP addresses to investigate. akadajet posted:https://newsroom.fb.com/news/2018/09/security-update/
|
# ? Sep 28, 2018 18:25 |
|
according to the page they're only admitting to 50m exploits, but they invalidated sessions for 90m people because the other 40m had been "view as"-ed at some point
|
# ? Sep 28, 2018 18:44 |
So at this point it's just safest to assume that no data hasn't been leaked? I'm gonna go ahead and assume that.
|
|
# ? Sep 28, 2018 20:01 |
|
Last Chance posted:also they force logged me out today, does that mean my identtiy is stolen not necessarily, no. you’ll get a feed notification AIUI (view as is a disaster)
|
# ? Sep 28, 2018 20:16 |
|
D. Ebdrup posted:So at this point it's just safest to assume that no data hasn't been leaked? I'm gonna go ahead and assume that.
|
# ? Sep 28, 2018 20:29 |
|
anthonypants posted:if you scroll up you'll see that facebook is admitting on their very public blog that data has been leaked. what are you talking about what if the attackers accessed the accounts but kept their eyes closed the whole time
|
# ? Sep 28, 2018 20:31 |
anthonypants posted:if you scroll up you'll see that facebook is admitting on their very public blog that data has been leaked. what are you talking about
|
|
# ? Sep 28, 2018 20:33 |
|
Subjunctive posted:what if the attackers accessed the accounts but kept their eyes closed the whole time
|
# ? Sep 28, 2018 20:33 |
|
From the ars article:quote:"We saw this attack being used at a fairly large scale," Rosen said. "The attackers could get an access token, pivot to other accounts, and look up other users to get further access tokens." The 50 million is not like "lol oops we leaked your email and phone number" but 50 million accounts got popped and had an illegitimate access token minted. They were popping accounts automated and at scale.
|
# ? Sep 28, 2018 20:42 |
|
Facebook: 90 million people finally logged off.
|
# ? Sep 28, 2018 20:43 |
|
Have any of these security talks discussed security of elevator emergency phones? I know of at least one major install site where the call phones are just standard (unpublished) phone numbers that pretty much anyone can call. They automatically pick up on the speakerphone in the ceiling and you can just eavesdrop all day long on them.
|
# ? Sep 28, 2018 20:57 |
|
mrmcd posted:From the ars article: yeah, I really wish I could see that thread
|
# ? Sep 28, 2018 21:01 |
|
mrmcd posted:From the ars article: not wanting to be the only one running up to journalists and creating pr fires: https://twitter.com/ashleymadison/status/1045758306525089792 https://twitter.com/ashleymadison/status/1045764170845704200 in similar news: https://twitter.com/josephmenn/status/1045753337675730944
|
# ? Sep 28, 2018 21:02 |
|
if you post an article about the facebook breach on facebook, it will get taken down for being spam https://twitter.com/alanjames/status/1045761238872051718
|
# ? Sep 28, 2018 21:04 |
|
BangersInMyKnickers posted:Have any of these security talks discussed security of elevator emergency phones? I know of at least one major install site where the call phones are just standard (unpublished) phone numbers that pretty much anyone can call. They automatically pick up on the speakerphone in the ceiling and you can just eavesdrop all day long on them. I remember this from years ago, don't recall if it was in a talk or article or book or what
|
# ? Sep 28, 2018 21:07 |
|
|
# ? Jun 9, 2024 01:22 |
|
Rufus Ping posted:I remember this from years ago, don't recall if it was in a talk or article or book or what https://www.youtube.com/watch?v=ZUvGfuLlZus&hd=1
|
# ? Sep 28, 2018 21:09 |