|
Really sad someone has https://www.amicybersafe.org right now.
|
#
?
Aug 9, 2019 05:49
|
|
|
|
| # ? May 25, 2024 11:51 |
|
|
Ellipson posted:Close down Infosec, we've got 5 Dimensional Crypto now Apparently they practically booed them off the stage, it was that lovely and fake
|
|
#
?
Aug 9, 2019 12:28
|
|
|
CommieGIR posted:Apparently they practically booed them off the stage, it was that lovely and fake nevermind how bad it gets when you add nebulously defined crypto to it
|
|
#
?
Aug 9, 2019 13:54
|
|
|
Lucid Nonsense posted:I posted in here a while back, and got some good feedback. I've been promoted to a decision making level on the software dev side for an alternative to Splunk. We run splunk and elastic. I like that splunk lets you extract after forwarding. Their search syntax is also pretty easy to learn.
|
|
#
?
Aug 9, 2019 14:14
|
|
|
D. Ebdrup posted:mental illness is one hell of a drug And when they straight ignore actual maths, while claiming to know maths.
|
|
#
?
Aug 9, 2019 14:20
|
|
|
CommieGIR posted:And when they straight ignore actual maths, while claiming to know maths. quote:DON'T ROLL YOUR OWN CRYPTO
|
|
#
?
Aug 9, 2019 15:36
|
|
|
Crypto: Brought to you by the History Channel and Ancient Aliens
|
|
#
?
Aug 9, 2019 15:44
|
|
|
CommieGIR posted:And when they straight ignore actual maths, while claiming to know maths. I had a pitch from a startup whose premise was, baldly, "we violate CAP and provide all three because our code is really efficient". I'm sure someone funded them, it was a pretty well-put-together presentation.
|
|
#
?
Aug 9, 2019 15:58
|
|
|
CommieGIR posted:Apparently they practically booed them off the stage, it was that lovely and fake Not only booed them off the stage, got debunked live in person with a finisher of someone taking the mic to just yell at them, lol
|
|
#
?
Aug 9, 2019 17:05
|
|
|
LtCol J. Krusinski posted:I’ve just finished reading this entire thread, and I saved several of your posts into my keep for later.rtf file. If you wouldn’t mind, could you expand on your disdain for AV software? Is it all AV software or just certain companies? I don't really feel the need to talk about my time in the industry any longer--this was years ago and I've moved on to cooler things. My role wasn't super important but it did let me know how the inner-workings of the whole thing work. It's the fundamentals of AV that are wrong so it's irrelevant to anyone or even myself what company I worked for since the principles are all the same. The AV vendors with larger research and analysis teams are the vendors that tend to get better coverage but really that is it. AV doesn't scale well and is a technological dead-end as there are better ways to thwart off malware and the like.
|
|
#
?
Aug 9, 2019 17:23
|
|
|
Ellipson posted:Not only booed them off the stage, got debunked live in person with a finisher of someone taking the mic to just yell at them, lol
|
|
#
?
Aug 9, 2019 18:23
|
|
|
If you scroll through the twitter thread there is some video further down. People yelling “get off the stage! You shouldn’t be here!” lmao
|
|
#
?
Aug 9, 2019 18:26
|
|
|
Double Punctuation posted:Big zero-day EOP for Steam: Ars has an article with a more clear example, which is much easier to understand than the somewhat incoherent blog. The guy is russian so ESL is understandable, but in this case I've seen uninformed pushback from the Steam Defense Force & people not understanding it. I didn't quite follow the final steps in the blog myself, but looked at the guy's twitter and another security guy who had also submitted the same exploit and got stonewalled put a simple example on github. The flaw is absolutely on steam's part, and it's that the steam service stomps on security permissions every time it runs, blindly, on everything in the steam registry subdirectory. Restricting registry symbolic links to SeCreateSymbolicLinkPrivilege wouldn't help in practice since symbolic links are one of the things that doesn't fire a UAC prompt if you're an Administrator, which most people are. (It is weird that non-admins can do it in the registry tho.  )If the service only set it once when steam installs, or in a targeted way when it installs a new game, it wouldn't be quite as exploitable. Plus apparently the info steam keeps in that subdirectory is related to the redistributes that Steam now keeps centralized (rather than every game coming with 200mb of directx). Not particular games. also also, klosterdev posted:
|
|
#
?
Aug 9, 2019 18:58
|
|
|
CommieGIR posted:I'm mostly self-taught, so I have a little bit of a bias, but lab courses, youtube videos, and online guides are my classroom. Best way is a virtual lab, via Virtualbox, a couple VMs, and a Kali instance. I tend to agree. You won't catch me knocking classroom learning -- it's a great way to learn theory and fundamentals, and I'm very glad of my CS degree -- but you've got to supplement that with reading cool poo poo and trying cool poo poo for yourself. Hell, at one job soon after college, I got a reputation as the office's "white hat hacker" because I was able to recover a bunch of deleted emails from someone's local Outlook mailbox. I happened to have run across the method of blowing away the table of contents with a hex editor and then letting scanpst rediscover everything. Not exactly an advanced technique, but nobody else there knew of it, and it's not really the sort of thing that would come up in a classroom either. And that job led directly to one where I started having actual infosec responsibilities (and started realizing just how much I still had to learn).
|
|
#
?
Aug 9, 2019 19:11
|
|
|
Lain Iwakura posted:I don't really feel the need to talk about my time in the industry any longer--this was years ago and I've moved on to cooler things. My role wasn't super important but it did let me know how the inner-workings of the whole thing work. Thanks for the response. I actually found an old OP you did for the “Your operating system has poor operational security” thread and it answered any questions I had about AV. I’m trying to read all the IT and Infosec threads, there’s good nuggets of info in those threads, there are lots of good recommendations and what have you.
|
|
#
?
Aug 9, 2019 19:11
|
|
|
Oh, everything makes sense now. It was a sponsored talk. Has DEFCON^wblackhat sold out? BlankSystemDaemon fucked around with this message at 19:52 on Aug 9, 2019 |
|
#
?
Aug 9, 2019 19:39
|
|
|
noted good security events defcon and blackhat
|
|
#
?
Aug 9, 2019 19:44
|
|
|
Defenestrategy posted:I "Learn to use Kali, learn to use Wireshark, and Learn to use niche software that looks like it hasn't been updated since the mid 2000's and hopefully not cop some liability for accidentally destroying evidence". On the flip, tools created in the mid 2000s are still good when you are finding systems that have not been updated since the mid 2000s.
|
|
#
?
Aug 9, 2019 19:47
|
|
|
D. Ebdrup posted:Oh, everything makes sense now. It was a sponsored talk. No, but they will next year, which is 2009.
|
|
#
?
Aug 9, 2019 19:59
|
|
|
EVIL Gibson posted:On the flip, tools created in the mid 2000s are still good when you are finding systems that have not been updated since the mid 2000s. True, but I have no clue if it was because the tools are niche enough, I can't remember exactly which tools but there was some stuff for steganography and recovery of deleted/scrubbed files we played with, the company who produces it can just kinda coast on a really poor Windows 98 UI that crashes on newer systems or if the school was just cheap and using depreciated software, or both.
|
|
#
?
Aug 9, 2019 20:10
|
|
|
ah not naming names just encase they find out
|
|
#
?
Aug 9, 2019 20:14
|
|
|
Just your regular reminder of where my hatred of AV comes from: https://twitter.com/ericlaw/status/1159850783862640641 Avast has done this poo poo before too.
|
|
#
?
Aug 9, 2019 21:13
|
|
|
I'm sorry, Jon.
|
|
#
?
Aug 9, 2019 21:20
|
|
|
Stanley Pain posted:I'm sorry, Jon. I hate zero days Jon
|
|
#
?
Aug 9, 2019 21:43
|
|
|
Lain Iwakura posted:Just your regular reminder of where my hatred of AV comes from: Yeah, our most common crashes in Firefox were consistently a) Flash, b) Flash, c) DLLs injected by AV bullshit, d) Flash. It's been going on a long time.
|
|
#
?
Aug 9, 2019 22:35
|
|
|
D. Ebdrup posted:Oh, everything makes sense now. It was a sponsored talk. This happens pretty regularly. Enough that I think they have a a spot or two reserved for nutters. Normally they're entertaining enough noone really cares.
|
|
#
?
Aug 10, 2019 01:58
|
|
|
D. Ebdrup posted:Oh, everything makes sense now. It was a sponsored talk. 
|
|
#
?
Aug 10, 2019 02:27
|
|
|
yea actually
|
|
#
?
Aug 10, 2019 02:29
|
|
|
I wish we could make this the thread title
|
|
#
?
Aug 10, 2019 02:36
|
|
|
Next week as my team's on-call rotation is rolling over, gonna offer the next person up the choice of drowning in alerts or balls and see what happens. Because the best move isn't obvious here.
|
|
#
?
Aug 10, 2019 03:41
|
|
|
Docjowles posted:Next week as my team's on-call rotation is rolling over, gonna offer the next person up the choice of drowning in alerts or balls and see what happens. Because the best move isn't obvious here. It's kind of disappointing that no one has made a teabagging emoji yet.
|
|
#
?
Aug 10, 2019 03:43
|
|
|
Never seen a better name, post, avatar combination before.
|
|
#
?
Aug 10, 2019 03:44
|
|
|
Anyone ever use Bay Dynamics Risk Fabric? Seems ok, waiting on a PoC to be installed in our lab soo.
|
|
#
?
Aug 10, 2019 04:33
|
|
|
|
|
#
?
Aug 10, 2019 05:42
|
|
|
|
|
#
?
Aug 10, 2019 06:28
|
|
|
Just that picture is enough to make me laugh. That whole poo poo-show was amazing.
|
|
#
?
Aug 10, 2019 14:35
|
|
|
Wiggly Wayne DDS posted:ah not naming names just encase they find out Since OpenText took over that product has taken a nosedive.
|
|
#
?
Aug 11, 2019 03:20
|
|
|
What's the best option for a group of u.s. immigration lawyers looking to move off of Facebook? I'm suggesting Signal, but I think they want something more like the fb group setup. Tech skills vary too much for anything extremely niche, and they are using phones, macs, and pcs. I've lurked in the thread on and off for years, but am not skilled or qualified, just looking to give a group of good people doing good work good advice. I'm not sure what options exist that are secure against both bad actors and, potentially, state actors  . Is discord/slack probably fine? I don't want to be too paranoid, but, you know, America.
|
|
#
?
Aug 11, 2019 07:00
|
|
|
The Aphasian posted:What's the best option for a group of u.s. immigration lawyers looking to move off of Facebook? I'm suggesting Signal, but I think they want something more like the fb group setup. Tech skills vary too much for anything extremely niche, and they are using phones, macs, and pcs. What makes you think Discord or Slack are somehow anymore secure or safe than Facebook? Maybe use Telegram or something I dunno, not sure what you mean by "fb group setup" and this seems pretty paranoid.
|
|
#
?
Aug 11, 2019 07:02
|
|
|
|
| # ? May 25, 2024 11:51 |
|
|
Sorry. I meant they will want something with the ability to follow different threads/posts/conversations in a format that allows a moderator to add and remove people as needed. I honestly don't know how discord or slack compare because I'm ignorant. I am probably overthinking it. Ive been editing a podcast for an immigration lawyer, and the stories and cases they discuss probably just made me depressed and paranoid.
|
|
#
?
Aug 11, 2019 08:07
|
|