|
Lutha Mahtin posted:you can make strong passwords that are easy to remember tho or you can just memorise one-two competently strong passwords, that sounds like something an average adult can handle
|
#
?
Mar 5, 2019 19:33
|
|
|
|
| # ? May 20, 2024 09:40 |
|
|
I heard back from one of the 1password team members, the tl;dr is that 1password by design stores an encrypted offline cache and as such can't be tied to a 2FA system as such (passwords need to be recoverable in cases of limited connectivity). it's not a feature they've outright written off, but it's not in their current active plans either
|
|
#
?
Mar 5, 2019 19:36
|
|
|
https://twitter.com/zer0pwn/status/1102048690414501889 https://twitter.com/zer0pwn/status/1102053664120848385 https://twitter.com/zer0pwn/status/1102699816226742274
|
|
#
?
Mar 5, 2019 19:55
|
|
|
|
|
#
?
Mar 5, 2019 20:18
|
|
|
Wow, that was a few days ago. I hope they addressed it by now. https://twitter.com/RespawnJobs/status/1096090384239714305 lol CmdrRiker fucked around with this message at 20:29 on Mar 5, 2019 |
|
#
?
Mar 5, 2019 20:27
|
|
|
CmdrRiker posted:Wow, that was a few days ago. I hope they addressed it by now. guess the new hire just learned a few valuable security lessons rofl
|
|
#
?
Mar 5, 2019 21:03
|
|
|
My Linux Rig posted:guess the new hire just learned a few valuable security lessons rofl whoomfp
|
|
#
?
Mar 5, 2019 21:22
|
|
|
is it just me or are these "i've got your old password via hacking and definitely not just using a big list" emails getting less and less understandablequote:Hi! tbh changing the signatures every 4 hours sounds like a great way to get past antiviruses also if you look up that address some people actually seem to have paid in the last few hours  https://www.blockchain.com/btc/address/1B3Lx1t4CQSt3ck85bqzGHC9TeEQGANhUR
|
|
#
?
Mar 5, 2019 22:49
|
|
|
Shame Boy posted:is it just me or are these "i've got your old password via hacking and definitely not just using a big list" emails getting less and less understandable I forced a neural net to read 1,000 threatening emails, and
|
|
#
?
Mar 5, 2019 22:54
|
|
|
haveblue posted:I forced a neural net to read 1,000 threatening emails, and occasionally their bots misfire and you can see that the mails are basically built up like <greeting><first sentence><second sentence> etc, and presumably they come up with a couple of dozen alternatives for each which is why sometimes it jumps from relatively lucid to gibberish. gmail's spam filters, at least, are supposedly trained to look for "natural language" patterns and presumably this is meant to be a way past it - however not one of these mails has ever made its way past the spam filter on my personal gmail (i get 10 or 12 a day mostly about accounts i'd long forgotten i ever had) so 
|
|
#
?
Mar 5, 2019 23:30
|
|
|
ya i posted a broken one i got a month or so ago
|
|
#
?
Mar 5, 2019 23:42
|
|
|
if I was running a scam with cyber coins I’d use some seed money that way, yeah
|
|
#
?
Mar 5, 2019 23:42
|
|
|
I got one of them, and it didn't even include an old password.
|
|
#
?
Mar 5, 2019 23:47
|
|
|
at this point about 90% of those emails that i've gotten have included a password that i don't seem to have ever actually used anywhere
|
|
#
?
Mar 5, 2019 23:54
|
|
|
Ghidra is out the NSA's open source reverse engineering framework. Not had a chance to really play with the thing yet. It's unsurprisingly Java. e: This is awesome, live and quite fast decompilation. Hexyflexy fucked around with this message at 01:27 on Mar 6, 2019 |
|
#
?
Mar 6, 2019 00:52
|
|
|
do you nerds actually read the stuff in your spam folder? related to that, i dunno if this is true but i feel like i just don't get a lot of spam email anymore. my serious business personal account has like 11 in it that haven't been auto-deleted yet, and half of them rn are from local oil change places that i actually did give my email to e: what the hell is "sleigh"? the ghidra thing says it is a million+ lines of "java and sleigh code" Lutha Mahtin fucked around with this message at 01:34 on Mar 6, 2019 |
|
#
?
Mar 6, 2019 01:24
|
|
|
Lutha Mahtin posted:e: what the hell is "sleigh"? the ghidra thing says it is a million+ lines of "java and sleigh code" The source isn't out yet, I'm going to guess custom scripting language.
|
|
#
?
Mar 6, 2019 01:53
|
|
|
Lutha Mahtin posted:do you nerds actually read the stuff in your spam folder? yes because it comes into my inbox now as the work spam filter blows - tiny umbrella - floating moon lamp - walking 3D T. rex puzzle - ear cleaning endoscope and I got one that says “My kid love trains now” which was the scariest of all
|
|
#
?
Mar 6, 2019 01:54
|
|
|
Hexyflexy posted:The source isn't out yet, I'm going to guess custom scripting language. i hope it's just java but to instantiate, instead of "new" you use "wheeeeee"
|
|
#
?
Mar 6, 2019 02:10
|
|
|
Lutha Mahtin posted:do you nerds actually read the stuff in your spam folder? idk sometimes I read it cause I’m curious what spam looks like now i contributed to the Democrats in the last election so now its chock full of scary trump news
|
|
#
?
Mar 6, 2019 02:12
|
|
|
aside from the oil change promotions my spam folder was pretty much all shady dating site stuff with lots of emojis in the subject line
|
|
#
?
Mar 6, 2019 02:41
|
|
|
I'm pretty impressed by spam filters nowadays. I've got a gmail address that's a simplified dictionary word and I pretty much just get legitimately missent emails and almost no spam.
|
|
#
?
Mar 6, 2019 02:53
|
|
|
of the 23 messages in my spam folder, one is a legitimate but unwanted junk mail from WB Games, one is a legitimate notification mail for some rear end in a top hat abusing another forum, two are NETLX credential phishes, one is a United States Posta credential phish, two are Chinese-language dick pill advertisements and the rest are scams (mostly 419, one in German, one in French) I can't remember the last time an actual spam message landed in my inbox
|
|
#
?
Mar 6, 2019 02:54
|
|
|
Meat Beat Agent posted:at this point about 90% of those emails that i've gotten have included a password that i don't seem to have ever actually used anywhere I'm also getting a bunch to email addresses that don't exist so therefore can't have been harvested from pw dumps.
|
|
#
?
Mar 6, 2019 02:59
|
|
|
I mostly just get random full disclosure mailing list emails flagged as spam for no apparent reason Being subscribed to a bunch of old mailing lists is like my Crudbump NSA butte-defense-shield
|
|
#
?
Mar 6, 2019 03:00
|
|
|
Lutha Mahtin posted:e: what the hell is "sleigh"? the ghidra thing says it is a million+ lines of "java and sleigh code" it's basically just xml used to describe a cpu architecture. so if you wanted to add support for a new processor, you use sleigh. just look for all the .sla files in the Ghidra/Processors folder
|
|
#
?
Mar 6, 2019 03:07
|
|
|
astr0man posted:it's basically just xml used to describe a cpu architecture. so if you wanted to add support for a new processor, you use sleigh. just look for all the .sla files in the Ghidra/Processors folder can you provide any URL for this thing because i am apparently a complete moron who fails at web searching
|
|
#
?
Mar 6, 2019 03:15
|
|
|
Lutha Mahtin posted:can you provide any URL for this thing because i am apparently a complete moron who fails at web searching their open source repo isn't out yet, so no, but if you download ghidra you can see the sla files for all the currently supported processors. it's been like 7 or 8 years since i last used ghidra, but iirc basically sleigh describes a cpu arch so that instructions from any arbitrary arch can be properly translated into pcode, which is the intermediate format that the ghidra decompiler uses. it looks like they haven't posted any sleigh or pcode related documentation yet though.
|
|
#
?
Mar 6, 2019 03:24
|
|
|
mfw when our customer indicates that they need intermediate proxies to log full request bodies because "it's necessary for debugging purposes" and they swear that having a regex filter on the contents will avoid any possible issues. bonus points because said customer is a loving (major) bank
|
|
#
?
Mar 6, 2019 04:05
|
|
|
Important news: Ghidra has undo.
|
|
#
?
Mar 6, 2019 09:27
|
|
|
Partycat posted:and I got one that says “My kid love trains now” which was the scariest of all that's what vaccination gets you
|
|
#
?
Mar 6, 2019 09:47
|
|
|
spankmeister posted:Important news: Ghidra has undo. that's so 1993
|
|
#
?
Mar 6, 2019 11:21
|
|
|
spankmeister posted:Important news: Ghidra has undo. but does it have reverse?
|
|
#
?
Mar 6, 2019 11:40
|
|
|
better run this application developed by a famously tricky and knowledgeable adversary as soon as it's released!
|
|
#
?
Mar 6, 2019 12:14
|
|
|
like, i know it will be harmless and do exactly what it says on the tin. but still, lol
|
|
#
?
Mar 6, 2019 12:16
|
|
|
there's a new zachatronics out??
|
|
#
?
Mar 6, 2019 12:16
|
|
|
spankmeister posted:Important news: Ghidra has undo. https://twitter.com/hackerfantastic/status/1103087869063704576
|
|
#
?
Mar 6, 2019 13:29
|
|
|
goddamnedtwisto posted:that's what vaccination gets you 
|
|
#
?
Mar 6, 2019 13:44
|
|
|
Wiggly Wayne DDS posted:there's a new zachatronics out??
|
|
#
?
Mar 6, 2019 15:40
|
|
|
|
| # ? May 20, 2024 09:40 |
|
|
Cocoa Crispies posted:if I was running a scam with cyber coins I’d use some seed money that way, yeah i've checked the bitcoin addresses of all the different ones of these i've gotten and this is the first one that actually had any money in it, and judging by how weird the transfer is structured it was probably transferred from one of those online wallet services and not an individual wallet, which seems like a weird extra step that's gonna cost you a bunch in fees if you're just seeding the pot
|
|
#
?
Mar 6, 2019 16:54
|
|