|
Shame Boy posted:i assume you mean bug bounty and not that google maintains a list of people they will pay to have murdered
|
# ? Apr 1, 2019 20:07 |
|
|
# ? May 9, 2024 19:42 |
|
that's just a hole in the floor leading to a garbage chute, with CONTRACTOR written above it in green sharpie
|
# ? Apr 1, 2019 20:09 |
|
Shame Boy posted:i assume you mean bug bounty and not that google maintains a list of people they will pay to have murdered
|
# ? Apr 1, 2019 20:14 |
|
still, might not be a good idea to steal any shopping carts from the google compound
|
# ? Apr 1, 2019 20:23 |
|
https://groups.google.com/forum/#!msg/golang-announce/tjyNcJxb2vQ/n0NRBziSCAAJquote:Hello gophers,
|
# ? Apr 1, 2019 23:01 |
|
but really who will ever need more than 256gb of key? i mean that's really a lot of key! probably it's ok to start reusing key at that point because any attacker will have given up and gone home after the first 128gb or so.
|
# ? Apr 1, 2019 23:30 |
|
Lain Iwakura posted:i need to get around to reading this yeah it sucks rear end and the industry is a joke
|
# ? Apr 1, 2019 23:35 |
|
i'm gonna fix this entire class of bug with my new crypto-as-a-service startup. no more worrying over whether or not your crypto libraries have unpatched vulnerabilities in them. no more scrabbling around trying to find a trustworthy crypto library in your hipster language of the month. now you just make a simple http request to our web api and our guaranteed-correct implementation returns as many bytes of key stream as you need, computed on the fly in our secure maryland datacenter
|
# ? Apr 1, 2019 23:53 |
|
Soricidus posted:i'm gonna fix this entire class of bug with my new crypto-as-a-service startup. no more worrying over whether or not your crypto libraries have unpatched vulnerabilities in them. no more scrabbling around trying to find a trustworthy crypto library in your hipster language of the month. now you just make a simple http request to our web api and our guaranteed-correct implementation returns as many bytes of key stream as you need, computed on the fly in our secure maryland datacenter you joke but wasn't there some idiot bitcoin wallet generator that was just returning the dame key for everyone because the domain that they sourced entropy from expired/they were total idiots
|
# ? Apr 2, 2019 00:08 |
|
Powerful Two-Hander posted:you joke but wasn't there some idiot bitcoin wallet generator that was just returning the dame key for everyone because the domain that they sourced entropy from expired/they were total idiots iirc they were making http requests to a random number generator site, then that site turned off that feature and started returning an error page telling you to use https, and the app dutifully used the error page as its "random" bytes
|
# ? Apr 2, 2019 00:22 |
|
Jabor posted:iirc they were making http requests to a random number generator site, then that site turned off that feature and started returning an error page telling you to use https, and the app dutifully used the error page as its "random" bytes ah yeah that was it. so both an expired domain and total idiots!
|
# ? Apr 2, 2019 00:28 |
|
iirc there was also no way to fix it because the http requests were coming from an ethereum smart contract that couldn't be changed
|
# ? Apr 2, 2019 00:31 |
|
Jabor posted:iirc they were making http requests to a random number generator site, then that site turned off that feature and started returning an error page telling you to use https, and the app dutifully used the error page as its "random" bytes lol that rules
|
# ? Apr 2, 2019 00:33 |
|
Lutha Mahtin posted:iirc there was also no way to fix it because the http requests were coming from an ethereum smart contract that couldn't be changed This pretty much encapsulates why I hate blockchain/smart contracts.
|
# ? Apr 2, 2019 01:27 |
|
Lutha Mahtin posted:iirc there was also no way to fix it because the http requests were coming from an ethereum smart contract that couldn't be changed Crypto.txt
|
# ? Apr 2, 2019 01:49 |
|
Lutha Mahtin posted:iirc there was also no way to fix it because the http requests were coming from an ethereum smart contract that couldn't be changed lmao
|
# ? Apr 2, 2019 02:25 |
|
Lutha Mahtin posted:iirc there was also no way to fix it because the http requests were coming from an ethereum smart contract that couldn't be changed sadly this part isn't true, you're thinking of that time they launched the first autonomous corporation and someone robbed it blind
|
# ? Apr 2, 2019 02:26 |
|
Lutha Mahtin posted:iirc there was also no way to fix it because the http requests were coming from an ethereum smart contract that couldn't be changed Didn't someone once accidentally delete a whole block chain with the equivalent of a force push?
|
# ? Apr 2, 2019 02:30 |
|
Acer Pilot posted:Didn't someone once accidentally delete a whole block chain with the equivalent of a force push? these things are sort of subject to their own Poe's law. Some of them are lies to cover the scam, some of them happened. But they're always so stupid as to be plausible
|
# ? Apr 2, 2019 03:31 |
|
Acer Pilot posted:Didn't someone once accidentally delete a whole block chain with the equivalent of a force push? dunno about all the formally-specified strength of a force push "i'm eth newbie..just learning" "sending kill() destroy() to random contracts" "you can see my history" "😟(((((((((((((((((((((((((((((((" when devops199 discovered that anyone can kill your contract #6995 in "parity", some ethereum smart contract thing more details here in power, devops199
|
# ? Apr 2, 2019 03:40 |
|
the internet was a mistake. i just saw cloudflare is launching a "free vpn." idk how i missed the 1.1.1.1 thing, what was the pos' ruling on that?
|
# ? Apr 2, 2019 04:01 |
|
Acer Pilot posted:the internet was a mistake. I use 1.1.1.1 for my routers dns and it works great
|
# ? Apr 2, 2019 04:23 |
Acer Pilot posted:Didn't someone once accidentally delete a whole block chain with the equivalent of a force push? kinda more like ran "rm -rf " in a remote production server without realizing that a script they just run previously had given their account root privileges and dropped them in / . basically smart contracts can call code at other addresses almost like libraries, and the way this one incredibly popular multi-sig wallet "app" worked was to store ownership and permissions in your address with enough code to then call code at a central smart contract address which handled all of the stuff like what to do with that privilege info and when sending the money was ok. included in that code was a bit that basically set up a new address and registered other address to control that address. someone new to everything saw that code and out of curiosity sent the command to set up the central smart contract address with their address being in control. and it worked. they then sent the command to undo the setup because they wanted to just leave it alone. the undo setup code however was intended to be called by and executed on a third party address and basically just wipes the code from the address it is pointed at. so the code tried to wipe itself (because the code executing was at the address it was executing on it automatically had full control to do anything) and it did, mostly. unfortunately it left just enough poo poo behind to run to completion but not actually work, meaning any addresses pointing to it would find code to basically just do nothing and exit when any attempt was done to do anything. code at an address takes absolute priority over even commands signed by an address's ownership keys. that meant the owners of the addresses with wallets couldn't move their money out and the owner of the central address couldn't restore a working copy because in both cases the eth network would try to execute the code first which would just say "done" without doing anything. every single iota of etherium in any wallet using that system was instantly and irretrievably frozen. smart contracts are astonishingly dumb ideas.
|
|
# ? Apr 2, 2019 04:30 |
|
LordSaturn posted:sadly this part isn't true, you're thinking of that time they launched the first autonomous corporation and someone robbed it blind no, i remember "The DAO" too. but i admit that i very well might be misremembering the specifics of the "our online keygen site went defunct and is now 404" or however that silly debacle worked out. i am pretty sure a smart contract was involved in that one somehow, but i don't remember enough to go search for it
|
# ? Apr 2, 2019 04:53 |
|
jit bull transpile posted:I use 1.1.1.1 for my routers dns and it works great Same. I don’t know about their VPN, but note they have a free tier and a paid tier. The paid tier is supposedly faster, so I imagine there’s some kind of throttling going on with the VPN. They also spell out what information they collect (surprisingly little), but that might be down to your threshold of how much you believe corporations. As always the answer is algo + Digital Ocean droplet if you need a VPN.
|
# ? Apr 2, 2019 05:49 |
|
Proteus Jones posted:The paid tier is supposedly faster, so I imagine there’s some kind of throttling going on with the VPN. The stated difference is that paid will use their Argo routing system (the same thing people can pay to use at the moment to reduce their website's latency)
|
# ? Apr 2, 2019 07:31 |
|
Acer Pilot posted:the internet was a mistake. jit bull transpile posted:I use 1.1.1.1 for my routers dns and it works great Cloudflare protects Nazis don't use them.
|
# ? Apr 2, 2019 07:40 |
|
spankmeister posted:Cloudflare protects Nazis don't use them. Or maybe don't use a lovely free VPN or any public VPN provider anyway because as Lain Iwakura pointed out on Twitter recently it's literally just an ISP. If you send enough packets through it you will eventually be identifiable. The key thing VPN's are useful for is making law enforcement apply for search warrants on foreign poo poo to decrease the chance they'd want to bother with your dumb rear end surfing asstr.org
|
# ? Apr 2, 2019 12:39 |
|
today on a recruiters website, a requirement for passwords:quote:Set a new password: (More than 8 characters, alphanumeric combination, Only 1 special character, new password to begin with a letter) (i tried adding more special characters and was immediately rebuffed)
|
# ? Apr 2, 2019 12:39 |
|
hey, it's a good way to screen for applicants that can follow orders to the letter even though they're pointless and stupid
|
# ? Apr 2, 2019 12:50 |
|
you are not here to produce you are here to obey
|
# ? Apr 2, 2019 13:08 |
how much of a market is there in dns lookups? seems like super valuable data especially if you can combine it with other things
|
|
# ? Apr 2, 2019 14:07 |
|
Also posting on the NICE page
|
# ? Apr 2, 2019 14:25 |
|
spankmeister posted:Also posting on the NICE page
|
# ? Apr 2, 2019 14:29 |
|
Pryor on Fire posted:how much of a market is there in dns lookups? seems like super valuable data especially if you can combine it with other things all those dns providers are primarily web hosting/ad companies so they 100% have all your other info. a free vpn is just a way to track you across the entire internet instead of the networks in which they are members.
|
# ? Apr 2, 2019 14:33 |
|
ErIog posted:Or maybe don't use a lovely free VPN or any public VPN provider anyway because as Lain Iwakura pointed out on Twitter recently it's literally just an ISP. If you send enough packets through it you will eventually be identifiable. Sure, but specifically cloudflare can eat a dick because they protect 8chan and other hate speech sites and they don't take responsibility for the hateful content being hosted there. Content that inspired the right wing terror attack in New Zealand. gently caress them.
|
# ? Apr 2, 2019 14:44 |
|
Boiled Water posted:today on a recruiters website, a requirement for passwords: if you use them all the time they stop being special
|
# ? Apr 2, 2019 14:54 |
|
while on the topic of easy to remember upstream DNS servers, is there any reason not to use the goog's 8.8.8.8 / 8.8.4.4 i mean i know it's google and their promise not to mine it for personal data or w/e means absolutely nothing but other than that
|
# ? Apr 2, 2019 14:58 |
|
Grace Baiting posted:"i'm eth newbie..just learning" lmao i forgot about that one
|
# ? Apr 2, 2019 14:59 |
|
|
# ? May 9, 2024 19:42 |
|
Shame Boy posted:if you use them all the time they stop being special don’t shame my pwords
|
# ? Apr 2, 2019 15:22 |