|
Uhhhh https://www.dansdeals.com/more/dans-commentary/went-tesla-delivery-hell-tesla-giving-control-site-forums-1-5-million-tesla-account-contacts/
|
#
?
Nov 18, 2018 07:36
|
|
|
|
| # ? May 30, 2024 10:23 |
|
|
That article originally had a lot of people's names and e-mail addresses in those screenshots before he mspainted those little white boxes on them. 
|
|
#
?
Nov 18, 2018 07:46
|
|
|
That's pretty loving funny considering he made a slight at other users' infosec capabilities because they used Gmail
|
|
#
?
Nov 18, 2018 07:57
|
|
|
the problem isn't people using gmail, the problem is admin accounts that aren't connected to a tesla-controlled email.
|
|
#
?
Nov 18, 2018 09:02
|
|
|
Daman posted:bitlocker doesn't even default to hw encryption for any ssds I've seen, including my 850 evo running in transparent mode. it's going to be more of a problem in the enterprise space with the drives from dell/hp/whatever where they paid the extra $50 for it to ship in OPEL mode
|
|
#
?
Nov 19, 2018 18:07
|
|
|
Hey y'all I'm trying to get the CISSP cert. I'm using the Kaplan exam prep site and the questions are all terribly dated (like asking about Back Orifice and talking about XSS as if it's a nascent threat). MY QUESTION is, am I using a terribly outdated exam guide, or is the exam really outdated?
|
|
#
?
Nov 20, 2018 22:56
|
|
|
its the cert op
|
|
#
?
Nov 20, 2018 23:01
|
|
|
Look out here comes my CISSP lol
|
|
#
?
Nov 21, 2018 00:17
|
|
|
Just use the Official CISSP Practice Tests book. It’s like $20 for 2000 questions in all domains. Track your results. If you’re getting in the 75-80% range over a large enough sample size you’ll be fine.
|
|
#
?
Nov 21, 2018 00:42
|
|
|
NevergirlsOFFICIAL posted:Hey y'all I'm trying to get the CISSP cert. I'm using the Kaplan exam prep site and the questions are all terribly dated (like asking about Back Orifice and talking about XSS as if it's a nascent threat). MY QUESTION is, am I using a terribly outdated exam guide, or is the exam really outdated? if they aren't making you memorize every mundane detail about old blockmode ciphers like DES/2DES/3DES and their various modes then you're probably on the new material xss stuff definitely was in the latest revision
|
|
#
?
Nov 21, 2018 03:07
|
|
|
Ugh, CISSP, ugh. Ugh.
|
|
#
?
Nov 21, 2018 03:08
|
|
|
CLAM DOWN posted:Ugh, CISSP, ugh. Ugh. clam down, CLAM DOWN
|
|
#
?
Nov 21, 2018 10:10
|
|
|
1Password is letting users give away a 1 year subscription for thanksgiving, PM me your email if you want some free 1Password.
|
|
#
?
Nov 21, 2018 15:09
|
|
|
Rufus Ping posted:Look out here comes my CISSP lol Shut up rufo Also hi
|
|
#
?
Nov 21, 2018 18:49
|
|
|
didn't they rename CISSP to be CEH+?
|
|
#
?
Nov 21, 2018 18:51
|
|
|
CISSP was the most worthless cert I ever achieved. That said, it was also the most profitable.
|
|
#
?
Nov 21, 2018 20:53
|
|
|
Martytoof posted:CISSP was the most worthless cert I ever achieved. That said, it was also the most profitable. The entire thing is baffling. The test is fairly easy yet the dumb outside requirements and corporate adoption keeps it a thing.
|
|
#
?
Nov 21, 2018 21:42
|
|
|
Sickening posted:The entire thing is baffling. The test is fairly easy yet the dumb outside requirements and corporate adoption keeps it a thing. Yeah I don't understand it either. Work paid for my bootcamp, my exam, and then they paid me more money when I got it. I mean, they could have just saved some time and given me all that money to begin with I guess.
|
|
#
?
Nov 21, 2018 22:17
|
|
|
lol at the CPEs too. I watched 25 sales pitch webinars and listened to 15 hours of Security Weekly on my commute this year. I get to retain my certification.
|
|
#
?
Nov 21, 2018 22:30
|
|
|
Martytoof posted:CISSP was the most worthless cert I ever achieved. That said, it was also the most profitable. That the entirety of why I keep it up to date. Submitting CEs are a pain in the rear end, and thank god work pays the dues. But, people are irrationally impressed by it. So It stays. I’ve even let some of my GCIS carts lapse, because while I feel they more accurately reflect a depth of knowledge, no one outside certain circles knows what the gently caress they are (although I usually go “I need more alphabet in my email sig” and take the re-cert challenge a year or so later)
|
|
#
?
Nov 21, 2018 23:26
|
|
|
Martytoof posted:CISSP was the most worthless cert I ever achieved. That said, it was also the most profitable. so that sounds like it's actually worth a lot?
|
|
#
?
Nov 25, 2018 23:32
|
|
|
NevergirlsOFFICIAL posted:so that sounds like it's actually worth a lot? The fact that if you do audits or have to be aware of audits, yes. Also it's one of the terms HR people know when they have no idea what a good security people should have. OSCP, OSCE, .... what's that? CEH? Oh I think that's a tough one!! the ceh used to be good until the government decide to commandeer it and then ask to remove all the stuff that made it good so govt workers could actually pass it.
|
|
#
?
Nov 26, 2018 02:03
|
|
|
lmao if you actually believe that about ceh
|
|
#
?
Nov 26, 2018 08:13
|
|
|
Wiggly Wayne DDS posted:lmao if you actually believe that about ceh Well thanks for letting me know it was always poo poo then? EVIL Gibson fucked around with this message at 11:05 on Nov 26, 2018 |
|
#
?
Nov 26, 2018 11:02
|
|
|
i mean when was this change meant to have occurred? it's been a joke in the industry for over a decade
|
|
#
?
Nov 26, 2018 12:53
|
|
|
NevergirlsOFFICIAL posted:so that sounds like it's actually worth a lot? Money? Yes. Self-improvement? No.
|
|
#
?
Nov 26, 2018 14:19
|
|
|
repiv posted:1Password is letting users give away a 1 year subscription for thanksgiving, PM me your email if you want some free 1Password. Is this still a thing? They didn’t send me anything and I’d love to give one away.
|
|
#
?
Nov 26, 2018 19:48
|
|
|
AlternateAccount posted:Is this still a thing? They didn’t send me anything and I’d love to give one away. the option is still showing up for me in the bottom right corner of my.1password.com when I log in I think you need to be an individual or family subscriber (not 'teams') whose plan expiry date is in 2019 or later
|
|
#
?
Nov 26, 2018 20:05
|
|
|
This is a pretty great Humble Bundle for security books. https://www.humblebundle.com/books/cybersecurity-packt-books
|
|
#
?
Nov 26, 2018 22:40
|
|
|
Diva Cupcake posted:This is a pretty great Humble Bundle for security books. I am not busting on this collection but I feel someone would start rubbing one out when they read the title of this book.  "Finally. Someone....someone gets me. " Whenever I see a talk that has the word block chain in it, I always feel I have to give it a chance to see if there is any reason for this to exist and it always seems its about a dude that crammed malware into a eth contract or some poo poo. EVIL Gibson fucked around with this message at 22:54 on Nov 26, 2018 |
|
#
?
Nov 26, 2018 22:52
|
|
|
https://twitter.com/kennwhite/status/1067133581435305984 this is quite possibly the stupidest node dev thing since "HTTP is secure"
|
|
#
?
Nov 27, 2018 20:18
|
|
|
Node.js is poison.
|
|
#
?
Nov 27, 2018 20:44
|
|
|
Hey now, that rando stranger probably also Paypaled him a few hundred for it. And charged it back after he was given control.
|
|
#
?
Nov 27, 2018 20:52
|
|
|
TinTower posted:https://twitter.com/kennwhite/status/1067133581435305984 Ohhhh man, this is great. Horrible, but great.
|
|
#
?
Nov 27, 2018 22:09
|
|
|
To be fair, aside from JavaScript's inherent language issues & the problems it gains from popularity & low barriers to entry (hi PHP!) this sort of thing could happen to any other open source project. Of course, JS also has an extra cultural weakness, in the form of significantly larger attack surface for "lol you depended on poo poo you didn't even know existed": https://twitter.com/greybaker/status/1064861297152585728
|
|
#
?
Nov 27, 2018 22:12
|
|
|
Should be required reading for Node users IMO: https://hackernoon.com/im-harvesting-credit-card-numbers-and-passwords-from-your-site-here-s-how-9a8cb347c5b5
|
|
#
?
Nov 27, 2018 22:54
|
|
|
The advantage of PHP in 2005 was that there were no package/library managers for it. So the only thing the kids could/would ruin would be the websites they were building. Nowadays, everything is distributed. Including incompetence.
|
|
#
?
Nov 27, 2018 22:55
|
|
|
Volguus posted:The advantage of PHP in 2005 was that there were no package/library managers for it. So the only thing the kids could/would ruin would be the websites they were building. Nowadays, everything is distributed. Including incompetence. The Cloud: Distributed Incompetence running on Other People's Computers
|
|
#
?
Nov 28, 2018 00:10
|
|
|
Volguus posted:Nowadays, everything is distributed. Including incompetence. 
|
|
#
?
Nov 28, 2018 00:24
|
|
|
|
| # ? May 30, 2024 10:23 |
|
|
bitprophet posted:To be fair, aside from JavaScript's inherent language issues & the problems it gains from popularity & low barriers to entry (hi PHP!) this sort of thing could happen to any other open source project. See: uBlock vs uBlock Origin
|
|
#
?
Nov 28, 2018 00:33
|
|
