|
fishmech posted:what the gently caress are you smoking to not understand what i said? why do you keep talking about entirely unrelated things? Jesus gently caress, take your slap-fight to DMs. You're going to get yet another thread shut down.
|
# ? Feb 25, 2019 18:51 |
|
|
# ? May 20, 2024 10:33 |
|
Proteus Jones posted:Jesus gently caress, take your slap-fight to DMs. You're going to get yet another thread shut down.
|
# ? Feb 25, 2019 18:53 |
|
cum fishmeche non argue
|
# ? Feb 25, 2019 18:56 |
|
Wiggly Wayne DDS posted:or they argue endlessly here and everyone else makes their escape to a different thread well now that you posted....
|
# ? Feb 25, 2019 18:56 |
|
https://twitter.com/j_opdenakker/status/1099779107829829632
|
# ? Feb 25, 2019 19:13 |
|
fishmech posted:what the gently caress are you smoking to not understand what i said? why do you keep talking about entirely unrelated things? Yeah! Get back to spelling discussion in the secfuck thread!
|
# ? Feb 25, 2019 19:30 |
|
i highly recommend everyone go to their website https://centerzero.org/ and watch the video, it's great
|
# ? Feb 25, 2019 22:26 |
|
|
# ? Feb 25, 2019 22:27 |
|
pretty much their selling point is "instead of a master password, you select a sequence of pictures, and pictures are unhackable!"
|
# ? Feb 25, 2019 22:33 |
|
Shame Boy posted:blargh agrhg blarghl same
|
# ? Feb 25, 2019 22:46 |
|
so who wrote this crap? their website is all sorts of vague. i am not even sure where to start with an llc search since every state handles it--assuming they even exist the fact that they are centerzero.org and not .com or whatever is even more weird
|
# ? Feb 25, 2019 22:54 |
|
Notorious b.s.d. posted:perfectly clear, with highly regular spelling, over 99% of which is still valid today you're just wrong
|
# ? Feb 25, 2019 22:54 |
|
Bhodi posted:https://twitter.com/bethwalkr/status/1099117191922962434 drop this conversation; it's not even security-related jfc
|
# ? Feb 25, 2019 22:56 |
|
so usenix dumped a whole whack of videos on their youtube from the latest conference. anyone go or have any recs for good ones to watch?
|
# ? Feb 25, 2019 22:58 |
|
no
|
# ? Feb 25, 2019 23:03 |
|
lol one of our CMS boxes was publishing its private key openly on some no-auth uri and it looks like this was somehow intentional thanks Oracle
|
# ? Feb 25, 2019 23:38 |
|
i'm tOAD
|
# ? Feb 25, 2019 23:43 |
|
Shame Boy posted:pretty much their selling point is "instead of a master password, you select a sequence of pictures, and pictures are unhackable!" The good thing about it being pictures is you don't have to hash the passwords because they aren't passwords they are pictures ya bozo for your cyberhealth
|
# ? Feb 25, 2019 23:49 |
|
just serve up 128 choices between two images and have someone remember which ones they picked. ez
|
# ? Feb 25, 2019 23:52 |
|
how do you make an uppercase dog?
|
# ? Feb 26, 2019 00:03 |
|
BangersInMyKnickers posted:how do you make an uppercase dog?
|
# ? Feb 26, 2019 00:08 |
|
BangersInMyKnickers posted:how do you make an uppercase dog? it’s a wolf op
|
# ? Feb 26, 2019 00:16 |
|
BangersInMyKnickers posted:how do you make an uppercase dog? what's uppercase dog?
|
# ? Feb 26, 2019 03:53 |
|
DrPossum posted:what's uppercase dog? Not much. What's uppercase with you?
|
# ? Feb 26, 2019 03:55 |
|
i was just showing the site to my wife cuz she loves laughing at this dumb poo poo too and we checked the terms and conditions to find some gems: first sentence, on its own line quote:Center Zero is not responsible for any misuse or neglect by the user you're expressly forbidden from translating the app into another language, and we reserve all our "database rights" quote:You’re not allowed to copy, or modify the app, any part of the app, or our trademarks in any way. You’re not allowed to attempt to extract the source code of the app, and you also shouldn’t try to translate the app into other languages, or make derivative versions. The app itself, and all the trade marks, copyright, database rights and other intellectual property rights related to it, still belong to Center Zero. did we say guaranteed in that video? we meant not guaranteed at all: quote:With respect to Center Zero’s responsibility for your use of the app, when you’re using the app, it’s important to bear in mind that although we endeavor to ensure that it is updated and correct at all times, Center Zero accepts no liability for any loss, direct or indirect, you experience as a result of relying wholly on this functionality of the app. i also noticed if you look closely at the images in the demo screenshot you can see an ad for 1Password and some other password manager i can't quite make out, a screenshot of the homepage of imgur as of a few weeks ago, and pictures of what appear to be the vending machine in their office:
|
# ? Feb 26, 2019 05:34 |
|
someone likes EF civics
|
# ? Feb 26, 2019 05:40 |
|
https://twitter.com/Anotherfilmnerd/status/1100258243736203265
|
# ? Feb 26, 2019 07:46 |
|
one thousand two hundred and thirty four people is a pretty nice total for a movie monster
|
# ? Feb 26, 2019 08:03 |
|
everyone knows the best monsters are where the threat is implied rather than explicit which is why mine is the best with 0000 kills
|
# ? Feb 26, 2019 10:45 |
|
Jabor posted:one thousand two hundred and thirty four people is a pretty nice total for a movie monster great now i have to change the code on my luggage
|
# ? Feb 26, 2019 10:55 |
|
BangersInMyKnickers posted:how do you make an uppercase dog? an uppercase dog is when they stand on their hind legs to see what's on top of the table (and steal same)
|
# ? Feb 26, 2019 13:52 |
|
What the gently caress happened itt? I laughed, I loved, and I learned.
|
# ? Feb 26, 2019 15:26 |
|
Fuzzy Mammal posted:so usenix dumped a whole whack of videos on their youtube from the latest conference. anyone go or have any recs for good ones to watch? https://twitter.com/ic0nz1/status/1100413895141773312 https://github.com/RUB-NDS/TLS-Padding-Oracles quote:TLS Padding Oracles
|
# ? Feb 26, 2019 17:58 |
|
UGGGGGHHHHH Amazon and it’s third party security auditing service. Them: “This device must have full disk encryption.” Us: “It’s in a locked box, no root user, a signed bootloader, custom SELinux contexts, and a TPM for update keys, we don’t have the man power to ssh into every device and unlock the disk in the event of a power outage.” Them: “No, this won’t pass without full disk encryption.” Us: “What if we auto-unlock the device on boot up?” Them: “That will work.” Thanks checkbox checking guy for the security theater!
|
# ? Feb 26, 2019 19:00 |
|
ratbert90 posted:UGGGGGHHHHH Amazon and it’s third party security auditing service. good for them. disk encryption is important whether you think it is or not
|
# ? Feb 26, 2019 20:10 |
|
yeah disk encryption helps you in the case that someone smuggles a drive out or you don't properly destroy a disk when you toss it. there's zero reason to not use it.
|
# ? Feb 26, 2019 20:44 |
|
otoh, if the box can unlock its own encryption on boot, so can an attacker
|
# ? Feb 26, 2019 20:49 |
|
lol
|
# ? Feb 26, 2019 20:57 |
|
ozymandOS posted:otoh, if the box can unlock its own encryption on boot, so can an attacker there are plenty of scenarios where the drive could be exposed but not the rest of the computer the improper disposal example above doesn't even require a malicious actor
|
# ? Feb 26, 2019 21:07 |
|
|
# ? May 20, 2024 10:33 |
|
ozymandOS posted:otoh, if the box can unlock its own encryption on boot, so can an attacker that's what tpm is for, surely?
|
# ? Feb 26, 2019 21:09 |